General
- Target: DHL Delivery Invoice AWB 2774038374.pdf.exe
- Size: 786KB
- Sample: 210421-w2gebm2jzs
- MD5: d743cbe63d8fbd4f86cc5606c22147a6
- SHA1: dac98cb344e90b0e9872a8fee8df8e30c884fc90
- SHA256: 153539010b81b41dcbd4cf3932a91e8e3fe2cb8a077dcbce4be08dce7fa5091c
- SHA512: 553799f270fa11b6437c7c1066359db33de7c54eea0d1821bf4d721b5d54c69af24ee66bdc9b86f30ce14af3603a0ebf87a53166b5d84c38a904e87a6a83f16d
Static task
static1
Behavioral task
behavioral1
Sample
DHL Delivery Invoice AWB 2774038374.pdf.exe
Resource
win7v20210410
Malware Config
Extracted
asyncrat
0.5.7B
vladmir001.myddns.me:6381
AsyncMutex_6SI8OkPnk
- aes_key: 4JaeOmABEr7aogISnRFvR85Emmylke5f
- anti_detection: false
- autorun: false
- bdos: false
- delay: Default
- host: vladmir001.myddns.me
- hwid: 3
- install_file:
- install_folder: %AppData%
- mutex: AsyncMutex_6SI8OkPnk
- pastebin_config: null
- port: 6381
- version: 0.5.7B
Targets
- Async RAT payload
- Suspicious use of SetThreadContext