General
Target: Invoice-ID43739424297.vbs
Size: 305B
Sample: 210113-wdj6tqwq56
MD5: e78c88623c207166afa977ddb0afefc4
SHA1: ad5bc3c62e12ca88fc6bd8e51001156e379433fb
SHA256: 695c7c580690a30a5454ab156ad21d44da887098ad00b2cfff3b9b11e80b4c6d
SHA512: 9e13dfb091903e31d3ff535c17f0952e6445252f12101c777e31a590bae626833259de999bf5d621de4c0270a0a036bab6db84d1fa72dd0b727253a2c88046c2
Static task: static1
Behavioral task: behavioral1
Sample: Invoice-ID43739424297.vbs
Resource: win7v20201028
Malware Config
Extracted
https://www.minpic.de/k/bgnt/ce637
Extracted
asyncrat
0.5.7B
fat7e07.ddns.net:1177
AsyncMutex_6SI8OkPnk
aes_key: xl0t83bchaksRVJ46pFw5phLXuET6ukd
anti_detection: false
autorun: false
bdos: false
delay: Default
host: fat7e07.ddns.net
hwid: 3
install_file:
install_folder: %AppData%
mutex: AsyncMutex_6SI8OkPnk
pastebin_config: null
port: 1177
version: 0.5.7B
Targets
Target: Invoice-ID43739424297.vbs
Async RAT payload
Blocklisted process makes network request