General
Target: invoice-ID711675345593.vbs
Size: 317B
Sample: 210106-5by88cgkd6
MD5: 730f4edff655d002cbf863543d542c10
SHA1: 59f1a7fdd6ff3e0a0191af7f6febaeaba1a4ae44
SHA256: 1c58b7edbf5afeeccdff1eda0694d86572e7e25df35cadba6d1c6cd11b6384bd
SHA512: b16eefc3b7a188664ceb4385611305564f02585cb75a1ace40d45d49f22bf2c42686c147e09230f1d04658f5d04cfeec9fef9053604737fe3c7597bff0994441
Static task
static1
Behavioral task
behavioral1
Sample
invoice-ID711675345593.vbs
Resource
win7v20201028
Malware Config
Extracted
http://nyanxcat.online/Runpe/test/N1/PS.jpg
Extracted
asyncrat
0.5.7B
saico015.linkpc.net:6666
AsyncMutex_6SI8OkPnk
aes_key: 9FovObaHt9uwQBnog9MPOAzupINFTyW8
anti_detection: false
autorun: false
bdos: false
delay: Default
host: saico015.linkpc.net
hwid: 3
install_file:
install_folder: %AppData%
mutex: AsyncMutex_6SI8OkPnk
pastebin_config: null
port: 6666
version: 0.5.7B
Targets
-
-
Target
invoice-ID711675345593.vbs
-
Async RAT payload
-
Blocklisted process makes network request
-