General
-
Target
338046b4bd5337aa3d6ccea6b45c7950.exe
-
Size
98KB
-
Sample
210101-69tff3667n
-
MD5
338046b4bd5337aa3d6ccea6b45c7950
-
SHA1
2a85497a77928068a064674237610b6a9bb7aed9
-
SHA256
3bc701b864cc3fffdb154ed410de8f893cc31b577e7df78347742a8ab15ce9ef
-
SHA512
7d3781710087ea81b4256a6ad3fa04bc9e072282be1229b5f62165cc3c30b96746c8f89934f8057840323885dd19d01804df1756ad4466272ed21a5a76879e94
Behavioral task
behavioral1
Sample
338046b4bd5337aa3d6ccea6b45c7950.exe
Resource
win7v20201028
Malware Config
Extracted
asyncrat
0.5.7B
null:null
AsyncMutex_6SI8OkPnk
-
aes_key
MbJHwqGReQMnsZXxOd2433A3UKiKEwZV
-
anti_detection
false
-
autorun
true
-
bdos
false
-
delay
GrieferGames
-
host
null
-
hwid
3
-
install_file
-
install_folder
%AppData%
-
mutex
AsyncMutex_6SI8OkPnk
-
pastebin_config
https://pastebin.com/raw/bC60Y12E
-
port
null
-
version
0.5.7B
Targets
-
-
Async RAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-