General
Target: Usd 56,335.71$.exe
Size: 827KB
Sample: 220704-kbbjvaffdn
MD5: e01c94d8c361c5214b81d40d4606940a
SHA1: 484d35f9015112246a38cccbcb29d8a467d061fb
SHA256: 7bc9a0135244519fe11232f68560692c4fb9c1d67d3d102d5747d8b89a8e7dd4
SHA512: 1b1bf67380357324c8570b104c6dd0b9d8ea2a099b26c4b043077c87a78c518f192a0235f4e9c6557acd2ffb688b3ccbfb552908642d8437a254f6c87bed834b
Static task: static1
Behavioral task: behavioral1
Sample: Usd 56,335.71$.exe
Resource: win7-20220414-en
Malware Config
Extracted
asyncrat
1.0.7
Default
seamoney.duckdns.org:5721
DcRatMutex_qwqdanchun
delay: 1
install: false
install_folder: %AppData%
Targets
-
Async RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-