General
-
Target
net5.exe
-
Size
766KB
-
Sample
210721-vw2p1ffl2j
-
MD5
c094c57d960c5db1a798911c59cb9c91
-
SHA1
daa83187c52c8fd8349e2525cc0754ccdc023fd0
-
SHA256
4780ad66fe081922301a8a90ca01d2e30c6bd5cfcfbe3d768773e8cf86e864df
-
SHA512
c11437aa95c3588cca5cb6da12fb7a46b3c01b408d8673174f1df85e5bc29471d303adc997cd873d80045765a38c75daa0fc94217f6a25003cbbc160ea5a6f3b
Static task
static1
Behavioral task
behavioral1
Sample
net5.exe
Resource
win7v20210410
Malware Config
Extracted
asyncrat
0.5.7A
mysubdomain873.duckdns.org:600
AsyncMutex_6SI8OkPnk
-
aes_key
6ARSUbK1J7i0ZiDwHtKhtGLRoDs9BiV3
-
anti_detection
false
-
autorun
false
-
bdos
false
-
delay
Default
-
host
mysubdomain873.duckdns.org
-
hwid
1
-
install_file
-
install_folder
%AppData%
-
mutex
AsyncMutex_6SI8OkPnk
-
pastebin_config
null
-
port
600
-
version
0.5.7A
Targets
-
Target
net5.exe
-
Async RAT payload
-
Suspicious use of SetThreadContext