General
Target: FedEx Invoice 202116435.exe
Size: 766KB
Sample: 210116-9jv49cg7fj
MD5: fd3988d887f5e982384dca104ea49001
SHA1: d3ad5fa2af44707e5e27b76fdbebf5a9ae28b457
SHA256: aa0399675c53f77a7996102b5301ea24814642e9eee30648c9ac75b3b1052235
SHA512: 868c4795ae2fea9aaa98ad069c97564bc051ee73e728bdd61ba7f250b8b9d9b41013b4446a61a364c71f6f4105f25790938a1cbeaba64850159f69ad4836811c
Static task
static1
Behavioral task
behavioral1
Sample: FedEx Invoice 202116435.exe
Resource: win7v20201028
Malware Config
Extracted
asyncrat
0.5.7B
79.134.225.45:2233
AsyncMutex_6SI8OkPnk
aes_key: yCFT3D6MMz3qsbxnPTBTTSsUCB2B6gqZ
anti_detection: false
autorun: false
bdos: false
delay: Default
host: 79.134.225.45
hwid: 5
install_file:
install_folder: %AppData%
mutex: AsyncMutex_6SI8OkPnk
pastebin_config: null
port: 2233
version: 0.5.7B
Targets
Target: FedEx Invoice 202116435.exe
Async RAT payload
Suspicious use of SetThreadContext