Behavioral task
behavioral1
Sample
VRLuMTic.exe
Resource
win7v20210410
windows7_x64
0 signatures
0 seconds
General
Target: VRLuMTic.exe
Size: 45KB
MD5: 8d039cde4fb365b31d84aab6db00f230
SHA1: e935a05d2c04c952929760b283a6c76a233c6b3a
SHA256: a844cc35141ecd43e40f86de60070e578cb89278877938ad409506bed45696cd
SHA512: a1b05e103b14999e6fd67536136beb0554161e86a0572e62acd845766ae472a570729dece993f5ef7eb0a9acfb3a8756dc4106c9af8dfa384e60352ade3cece1
Malware Config
Extracted
Family: asyncrat
Version: 0.5.7B
C2:
ramsteincor.duckdns.org:6606
ramsteincor.duckdns.org:7707
ramsteincor.duckdns.org:222
Mutex: AsyncMutex_6SI8OkPnk
Attributes
aes_key: q1yHunBNWC96a4KM2Xxtaww4U0SdhpEG
anti_detection: false
autorun: false
bdos: false
delay: Default
host: ramsteincor.duckdns.org
hwid: 3
install_file:
install_folder: %AppData%
mutex: AsyncMutex_6SI8OkPnk
pastebin_config: null
port: 6606,7707,222
version: 0.5.7B
aes.plain
Signatures
Files
VRLuMTic.exe.exe windows x86