General
- Target: KGk7fkL6.exe
- Size: 45KB
- Sample: 210501-p4jhy1x3an
- MD5: 6c3eefa15c5dcf8046a280f434363488
- SHA1: ba5ddc35cf6c386e3353973669d02c9379077b08
- SHA256: 9e06b7c674cac8288caedab6c882b20dc66aa7e83299c724801791d402e5818c
- SHA512: 282172cc98f831b9719f63e4e723426f2145053f725a3940d06cd975fd45790199f4adb0c308678f2a63d7bf846f6c2efbbe62b7acf75466f1fc8851da89b92e
Behavioral task
behavioral1
- Sample: KGk7fkL6.exe
- Resource: win7v20210408
Malware Config
Extracted
asyncrat
0.5.7B
Tktlert.kro.kr:5000
dwadwad1aw98d1965gtf*h47eft65h14fte98h41rt6h1ft789h41rft9h
- aes_key: kuTGboagNLBMaK5ftkoTGf5T7oZj2sRO
- anti_detection: true
- autorun: true
- bdos: true
- delay: Default
- host: Tktlert.kro.kr
- hwid: 3
- install_file:
- install_folder: %Temp%
- mutex: dwadwad1aw98d1965gtf*h47eft65h14fte98h41rt6h1ft789h41rft9h
- pastebin_config: null
- port: 5000
- version: 0.5.7B
Targets
- Target: KGk7fkL6.exe
- Async RAT payload
- Executes dropped EXE
- Loads dropped DLL