General
Target: Sega1b.exe
Size: 509KB
Sample: 211129-nwx55acaer
MD5: 98706453f50546ee727ee5617505a485
SHA1: 67fa7f0cfd503800028ea2a5b8f5e9898368febd
SHA256: 7e4f903b3491e6fd757e2963906acb0136ed28bb55158e37c6225a0fbada4122
SHA512: 3c065cc4c642209fd61c78d0c4bbbeed23a8db466b255e9fa7761901a4dcfef72496a40513ea12817eccfe221ad4c23ae39d0b7798ada6e5862b0bcae1b3fc72
Static task: static1
Behavioral task: behavioral1
Sample: Sega1b.exe
Resource: win7-en-20211014
Behavioral task: behavioral2
Sample: Sega1b.exe
Resource: win10-en-20211104
Malware Config
Extracted
asyncrat
0.5.7B
3
217.64.149.93:1973
df4Rtg34dFt5ynrew
anti_vm: false
bsod: false
delay: 3
install: false
install_folder: %AppData%
pastebin_config: null
Targets
Target: Sega1b.exe
Score: 10/10
Async RAT payload
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext