General
-
Target
Halkbank_Ekstre_20210118_162356_389771.exe
-
Size
1003KB
-
Sample
210118-at3l2cl1b2
-
MD5
84217fc5c07aabf3321ed2c0feed1cba
-
SHA1
4ba652be61d9185a8ae35f12a951d315f2c5dec5
-
SHA256
cdcc8531c42e3ede33c0ecbcb82f7a6e5445e959eee3796475258df830a18813
-
SHA512
923d5fb3e3879837e338d0437a8751074a8114f8e6d7f8c0e4c960109b00bafe9d92be41db9ed46f20249cf6b5d4f90f5b8ed173f7d0a6b1df16c046e7f50f13
Static task
static1
Behavioral task
behavioral1
Sample
Halkbank_Ekstre_20210118_162356_389771.exe
Resource
win7v20201028
Malware Config
Extracted
asyncrat
0.5.7B
AsyncMutex_6SI8OkPnk
-
aes_key
mfafeIQA2jA2dXxxjBmJHl3XAeFPQwQb
-
anti_detection
false
-
autorun
false
-
bdos
false
-
delay
Default
-
host
127.0.0.1,91.193.75.189
-
hwid
10
-
install_file
-
install_folder
%AppData%
-
mutex
AsyncMutex_6SI8OkPnk
-
pastebin_config
null
-
port
6606,7707,8808,1604
-
version
0.5.7B
Targets
-
-
Target
Halkbank_Ekstre_20210118_162356_389771.exe
-
Async RAT payload
-
Suspicious use of SetThreadContext
-