General
Target: Inquiry_TRASKO Ltd.bat.exe
Size: 675KB
Sample: 220126-rmav1sebb2
MD5: fac3b8f2d85a7876ffa623a67ca3f6ae
SHA1: 6583251903d4c33ce658bff984db0e24e2db0b2a
SHA256: b17340a23a7971818b456182495976b46413f10b7570b3dd78cd189cff3b22f8
SHA512: 0a29f75e2c843e033aa0110678d5f56d5c3d50bd74e022660c8893f0bd59303defe48233a5425a357c33f53405f6bd7b3947284f3d4cd84623557c6974d61bc9
Static task
static1
Behavioral task
behavioral1
Sample
Inquiry_TRASKO Ltd.bat.exe
Resource
win7-en-20211208
Malware Config
Extracted
asyncrat
0.5.7B
Default
fforward20.duckdns.org:6606
fforward20.duckdns.org:7707
fforward20.duckdns.org:8808
AsyncMutex_6SI8OkPnk
anti_vm: false
bsod: false
delay: 3
install: false
install_folder: %AppData%
pastebin_config: null
Targets
Target: Inquiry_TRASKO Ltd.bat.exe
Async RAT payload
Suspicious use of SetThreadContext