General
-
Target
a2488b9d02c16c8f4227e7657d066c47.exe
-
Size
76KB
-
Sample
221004-ktv17sadb4
-
MD5
a2488b9d02c16c8f4227e7657d066c47
-
SHA1
de1a49fc402e04109f1549846c542cb0aa483371
-
SHA256
c96718e4f79dbc5e868f55720c77af071011de9b7dbd239243cc8a8604235822
-
SHA512
2771ae5cc4b024750c76528cf5a678af44d56950663a859a36aaa5d0bedacd39a65a7a1e10197511a5b0ae7cd803ddfc0f8d18956b418b2a6eb4f20a0829713c
-
SSDEEP
1536:/wwwmEsKq68kCKQtkGtJaYDxG+wlDOFjZNIduA/F4Ro9:/wwwmEsKq68kCKQtkG/aoE+ODgjZN0uc
Static task
static1
Behavioral task
behavioral1
Sample
a2488b9d02c16c8f4227e7657d066c47.exe
Resource
win7-20220812-en
Malware Config
Extracted
asyncrat
0.5.7B
drax
azazws6606.linkpc.net:6606
AsyncMutex_6SI8OkPnk
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
a2488b9d02c16c8f4227e7657d066c47.exe
-
Async RAT payload
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-