General
-
Target
6244bdface5bf2ec0ab400f9db947965.exe
-
Size
402KB
-
Sample
220308-wdfgcshhe4
-
MD5
6244bdface5bf2ec0ab400f9db947965
-
SHA1
45fb8ac87b2e2af7ccefbfa8ab7d7eb514af833d
-
SHA256
abbc7c74c2cb191f07cf02c63619d67f3f07439b1e761f62b18bf578d3ac754f
-
SHA512
1b6269819dd03e787010880ed550bb6d5f2293cc1402d45bce4c63a99f2b099193e37da8971f8de30e3d5bad705afb82b27541ccd77b43fc34437d40f6553a9d
Static task
static1
Behavioral task
behavioral1
Sample
6244bdface5bf2ec0ab400f9db947965.exe
Resource
win7-20220223-en
Behavioral task
behavioral2
Sample
6244bdface5bf2ec0ab400f9db947965.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
asyncrat
0.5.7B
2
212.193.30.54:9524
wyQ92!.,=FT72few
-
anti_vm
false
-
bsod
false
-
delay
3
-
install
false
-
install_folder
%AppData%
-
pastebin_config
null
Targets
-
-
Target
6244bdface5bf2ec0ab400f9db947965.exe
-
Score
10/10
-
Async RAT payload
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-