Behavioral task
behavioral1
Sample
cYA0CfaS.exe
Resource
win7v20210408
windows7_x64
0 signatures
0 seconds
General
-
Target
cYA0CfaS.exe
-
Size
45KB
-
MD5
e2fcb5500c8ead72ff54fd89b022bfc5
-
SHA1
b8dab173dde62ca4634c4d196d7b04c0bd90d27a
-
SHA256
ca433bcb65c83280e3634dd2fb32bf4c82ac636f85ff157c12c9593628b7fa18
-
SHA512
4ae863e530bd6aa62b80707009cf7621f9da099417e0c5961da8dc2e6f09d80c956cf1a4a2a717b16e6c91d75b3451bd7e401d21193e24da3c6251afd6d0d8df
Malware Config
Extracted
Family
asyncrat
Version
0.5.7B
C2
tayfagreatie.duckdns.org:9797
Mutex
AsyncMutex_6SI8OkPnk
Attributes
-
aes_key
DVfEy9v9u0QhS8mR1ktZYNyIFadJCrY8
-
anti_detection
false
-
autorun
false
-
bdos
false
-
delay
Default
-
host
tayfagreatie.duckdns.org
-
hwid
3
-
install_file
-
install_folder
%AppData%
-
mutex
AsyncMutex_6SI8OkPnk
-
pastebin_config
null
-
port
9797
-
version
0.5.7B
aes.plain
Signatures
Files
-
cYA0CfaS.exe.exe windows x86