General

  • Target

    invoice.exe

  • Size

    48KB

  • MD5

    8396e6f6cd0b1745d38e136ada381831

  • SHA1

    640ab13f6791b51718f484c6bb2fc637f4b51fdf

  • SHA256

    11a11d95827f52fc174de321bdd183ee2e8cfbfc4019a3650d95ccbf1719e54f

  • SHA512

    111e548cc8949bd11191df92c82297a684d9231dacfbf0ea5c8de4768749ddfb2241c8879aea613c3ae30327dcb0272fc2d8bca04b102c6a2c526fd6e70f12e0

  • SSDEEP

    768:/dhivTBBPTc0g9A7W06aa9MAefRmGPUkbMZy7tuhzA6qPJiHh9KvtnMW+:lhiA9EF6alE07bM47tuhc6atnMW+

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

54.84.208.91:52643

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload (1 IoC)
  • Asyncrat family

Files

  • invoice.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

