Behavioral task: behavioral1
Sample: 016D808DD3D45A17F7230BFE8DF690D2B75C18BD93F44.exe
Resource: win7-20220414-en
General
Target: 016D808DD3D45A17F7230BFE8DF690D2B75C18BD93F44.exe
Size: 48KB
MD5: 747973b0b920bcace8ebf382a3edd701
SHA1: 6923e0e2e6b5813578142446fd48744bef443f67
SHA256: 016d808dd3d45a17f7230bfe8df690d2b75c18bd93f44f60badf12924f4266b0
SHA512: 814c0a9787a2012ae3c61a1c43c9cc68bd50b3bd3fed634003d6274c93f987abcea79e41e12caea61658ffab7b69f3b76934a69e9eda8d96ca325e9b83c71c27
SSDEEP: 768:Uu1a21T3EiJfWUzuydmo2qzqUIFlbu6YPI64AycKB0bgFkxDIsSNul29lWFBDZ5a:Uu1a21T3xN2VUA64ZcRbgFALSoWlMd5a
Malware Config
Extracted
asyncrat
0.5.7B
Default
spk.accesscam.org:55555
AsyncMutex_6SI8OkPnk
delay: 3
install: true
install_file: google.exe
install_folder: %AppData%
Signatures
Files
016D808DD3D45A17F7230BFE8DF690D2B75C18BD93F44.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ