Static task
static1
Behavioral task
behavioral1
Sample
0x000a000000003c9f-56.exe
Resource
win7-20220414-en
General
Target: 0x000a000000003c9f-56.dat
Size: 64KB
MD5: c75c0d8d46633692c979eb6fbd26094e
SHA1: b3945681b32a90f00ef2fd2af2eb4f5d4208c75d
SHA256: bbd275db0ec38e99c088654b042b682c428ba644969ef08f1d9657052f9b1393
SHA512: 5d4ecd6c3fee2cf25cdfc4c6abbb389b261016b805ab1f6c4f0918143df6b02f0647d6ba87b1169ef0040ea9afd0dd22ce2612e2600b48e6dd9ffd7be99a1067
SSDEEP: 1536:06rCqN2znBc/+ximb7i6EbWZs7uqrTpZVCF+4Ko6++:0PqN2znBcWxtb78bWyxrTpZVC0Rn
Malware Config
Extracted
asyncrat
true
Linkvertise A
RRAT_6SI8OkPnk
delay: 3
install: false
install_folder: Explorer.exe
Signatures
Files
0x000a000000003c9f-56.dat.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ