General
Target: CB2B849CE8C762788B9DD3D1C76B4335.exe
Size: 337KB
Sample: 210630-mgk7rwmsna
MD5: cb2b849ce8c762788b9dd3d1c76b4335
SHA1: 0f9455e7a69e58978933d2adef6dce0b90232e87
SHA256: 9129df53f7560474c635daeb18350aaf46478897003aef437c819a71e03b18b0
SHA512: 566013e53569d49207862631e1ac788c9c4ea4d61f2d91426ec535f56adbf75327195711922152126c73800d2ddb7b21013f0e66ec1688f8363e83f9c35e0858
Static task: static1
Behavioral task: behavioral1
Sample: CB2B849CE8C762788B9DD3D1C76B4335.exe
Resource: win7v20210408
Malware Config
Extracted: asyncrat
Version: 0.5.7B
C2: jeazerx.duckdns.org:6606
C2: jeazerx.duckdns.org:7707
C2: jeazerx.duckdns.org:8808
Mutex: AsyncMutex_6SI8OkPnk

aes_key: VblPQ71TMKjHlMdGNW0PCuWC0JDkreV3
anti_detection: false
autorun: false
bdos: false
delay: OsuBuddy!
host: jeazerx.duckdns.org
hwid: 3
install_file:
install_folder: %AppData%
mutex: AsyncMutex_6SI8OkPnk
pastebin_config: null
port: 6606,7707,8808
version: 0.5.7B
Targets
Score: 10/10
- Async RAT payload
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext