General
-
Target
BL_3409876544LDZ.exe
-
Size
675KB
-
Sample
211014-fkpqlsgbe3
-
MD5
728701a50def94c4af432a8a1f1b44ea
-
SHA1
b7c4429595cb3c7a7490b7d8baafacf44be13120
-
SHA256
c2ec0a1d7984be0fb24004369eca5bed7882ce5fe9e3cad45511f3eb30d4fe24
-
SHA512
c097e9f8b87b97bc905051f2b36b418948696e904db66ecc67f8d850d52a55541e030b95d32b1b3cdd0c93db24eeb46cca223fce92aea984df2c023d513726a8
Static task
static1
Behavioral task
behavioral1
Sample
BL_3409876544LDZ.exe
Resource
win7v20210408
Malware Config
Extracted
asyncrat
0.5.7B
Default
185.222.58.154:06275
AsyncMutex_6SI8OkPnk
-
anti_vm
false
-
bsod
false
-
delay
20
-
install
false
-
install_file
invoice.pdf.exe
-
install_folder
%AppData%
-
pastebin_config
null
Targets
-
-
Target
BL_3409876544LDZ.exe
-
Async RAT payload
-
Suspicious use of SetThreadContext
-