General
-
Target
6042026928406528.zip
-
Size
22KB
-
Sample
220117-mw6ltshhcp
-
MD5
3dd7860cfc37ffd953614a797147ec3f
-
SHA1
50ea250c0ba636440d4d7c915140a1b200f7963f
-
SHA256
2eb6d67d11aafd0158625be8e2f116f6bd78876e1f0ac3461b764f86fdbd894f
-
SHA512
fdc38e679b083c3eca495c4b68cb3af2d18e7776e1a2e3dffb31d6ec6db0a816b3f2aa57a610882d2e27c1abaf23b1459c2c7f39b697c595a8f8485504d2b990
Behavioral task
behavioral1
Sample
bc81c1f42f33236e77ec08654b84fe226e6565015b0fe961a739a19e219703e5.exe
Resource
win7-en-20211208
Malware Config
Extracted
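Family: asyncrat
Version: 0.5.7B
Botnet/group (label lost in extraction; inferred from field position, confirm against the original report): Default
C2: ssonn.v6.rocks:7707
C2: sson.dnsup.net:7707
Mutex (label lost in extraction; inferred from field position, confirm against the original report): PLPL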
-
anti_vm
false
-
bsod
false
-
delay
3
-
install
false
-
install_folder
%AppData%
-
pastebin_config
null
Targets
-
-
Target
bc81c1f42f33236e77ec08654b84fe226e6565015b0fe961a739a19e219703e5
-
Size
45KB
-
MD5
9e08ad4c7063a1655e5d72bbf26d3880
-
SHA1
0799aa66a3b27ef678b7438d8872f4702e9d2a18
-
SHA256
bc81c1f42f33236e77ec08654b84fe226e6565015b0fe961a739a19e219703e5
-
SHA512
bdc08c61368847b31d4e716ade7b03d4d6e08640cc5dda39118a9a661916f51560749aa27f8b0e5bd576e73fad783b89fc55da14b33fa0646f2ed0f0301370ab
-
suricata: ET MALWARE Observed Malicious SSL Cert (AsyncRAT Server)
suricata: ET MALWARE Observed Malicious SSL Cert (AsyncRAT Server)
-
Async RAT payload
-