General
Target: Faktura Sizeer.PDF.zip
Size: 316KB
Sample: 220114-krg2kafdhp
MD5: 7ca9fd143ef4fdd49da9bef40b4c4a7a
SHA1: 7cc5243b5a85c9a8b8b8e71eca0a260d41ca1448
SHA256: f6a02b872f66c473c65b11f6d6e590693753ad3dfbc441a6826bfba59a68ec76
SHA512: 3489c86a58a22451266fb11919d271e7c95f8ee597f6ca5bba3d2315f7c9d27ccf6039255988c592ca65744fdf709f609c6fb88c3d89e2b5e76ac8213a0780c0
Static task: static1
Behavioral task: behavioral1
Sample: Faktura Sizeer/Faktura Sizeer PDF.scr
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: Faktura Sizeer/Faktura Sizeer PDF.scr
Resource: win10-en-20211208
Malware Config
Extracted
asyncrat
0.5.7B
Default
ssonn.v6.rocks:7707
sson.dnsup.net:7707
PLPL
anti_vm: false
bsod: false
delay: 3
install: false
install_folder: %AppData%
pastebin_config: null
Targets
Target: Faktura Sizeer/Faktura Sizeer PDF.scr
Size: 439KB
MD5: cbd21bd0144b7f30b391ab92dcc7ef66
SHA1: a07dbdd56d33c93196cf1af8abded3f7eebd7509
SHA256: 0419d8d710c448dfba5fdb36f01cde6e702cf062a55e20a3ccac0dd54f71cbb3
SHA512: 010963c5c7a25f076ceec49d40e7831318c1c6be76c2d7a5df8ac2694b88da8e8fed39bee17c5a1c439671d0dc1ad89fe901161b43c78376e3f4f36a8657419e
suricata: ET MALWARE Observed Malicious SSL Cert (AsyncRAT Server)
Async RAT payload
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext