General
Target: dsse.exe
Size: 38.0MB
Sample: 211020-v218asacen
MD5: 917af4200d799a64919795d98418da12
SHA1: 90b40f97644113cca0bfe2169de77d9f7ca45260
SHA256: e71f1c06d9d43301bebaaed1d28ad768fd51c27e4de192d611b0d4bcaf0093a3
SHA512: cef5c9733400101adb2f75b87c6dbbbd1a289de5f606829bc5bf4413a72942a6d80a346b3ed4f6bd862ac7fae3456718ec9afd7a2fd2286824bf7769ad583883
Static task: static1
Behavioral task: behavioral1
Sample: dsse.exe
Resource: win7-en-20210920
Malware Config
Extracted
asyncrat
0.5.7B
Default
79.134.225.35:1004
AsyncMutex_6SI8OkPnk
anti_vm: false
bsod: false
delay: 3
install: false
install_folder: %AppData%
pastebin_config: null
Targets
Target
dsse.exe
suricata: ET MALWARE Observed Malicious SSL Cert (AsyncRAT Server)
Async RAT payload
Suspicious use of SetThreadContext