General
Target: 1798_.jpg.ps1
Size: 262KB
Sample: 211225-nepsesgfep
MD5: 3bb7a462c0fbde3ad0466454a3b31597
SHA1: c182f5bd9c742997e336468664193edbb13f69e5
SHA256: e3bb74650d18fcefe9eb26f27fc72f2d68798d7f818ae40b861d9202054a544a
SHA512: e919dddb57d989e8fcffa79233bbc9cdfe8d62b144d84750b554fc40e324476cde72161ae61fea0926765cdd67f215c2904818d905e5fcb224353f596c88624c
Static task: static1
Behavioral task: behavioral1
Sample: 1798_.jpg.ps1
Resource: win7-en-20211208
Malware Config
Extracted
asyncrat
0.5.7B
ZAIN-WORK
2pop.ddns.net:6666
AsyncMutex_6SI8OkPnk
anti_vm: false
bsod: false
delay: 3
install: false
install_folder: %AppData%
pastebin_config: null
Targets
Target: 1798_.jpg.ps1
Async RAT payload
Suspicious use of SetThreadContext