General
-
Target
Details Job.lnk
-
Size
1KB
-
Sample
210104-lmnne59mbs
-
MD5
ead6fa9c59da5f9b8d1f6221e7bfec8b
-
SHA1
f1362a2fe9eea70d7efb231baf2ebc091ba9aa82
-
SHA256
f0b87b3327347983e7a87ccd057fa7f080fd65459c538390a7486fc303644f0b
-
SHA512
b7ec11e1ea6bd0925a8c6020f75f0061273e6114201dffaaa969537bbadceccaff9f8ae0207c3bca7184b5774523e91917cf950796179592a8ad755d608bac7d
Static task
static1
Behavioral task
behavioral1
Sample
Details Job.lnk
Resource
win7v20201028
Malware Config
Extracted
http://nyanxcat.online/spam/v1/Fud.html
Extracted
asyncrat
0.5.7B
getcookies.ddns.net:8888
AsyncMutex_6SI8OkPnk
-
aes_key
KrPiyjIzWtdy5WaUqRCVIyG63PWNjYWg
-
anti_detection
false
-
autorun
false
-
bdos
false
-
delay
Default
-
host
getcookies.ddns.net
-
hwid
3
-
install_file
-
install_folder
%AppData%
-
mutex
AsyncMutex_6SI8OkPnk
-
pastebin_config
null
-
port
8888
-
version
0.5.7B
Targets
-
Target
Details Job.lnk
-
Async RAT payload
-
Blocklisted process makes network request
-
Drops file in System32 directory
-