General
-
Target
1992-74-0x0000000000400000-0x0000000000412000-memory.dmp
-
Size
72KB
-
MD5
26c489c81a8be76df211a7b99ef56e47
-
SHA1
780b52863a5c63fff96436cf877283046a10cae9
-
SHA256
9863d61058ca81dad7eacce4d7220baf0748db1bd6e415e309c3a3a2e6e07cd8
-
SHA512
8c0450f64f6e0433ec1f6a89107c09d73e4be28437f5355104b91264863ecc25827833941233e7413a9318858dd7272709f02e006592c13439078e8ab57bf4fe
-
SSDEEP
1536:Muus1TFcW2yCpCPITbuaN/+Ht8DmV4WNd:Muu4TFcW2yCsPITbu6eSq
Score
10/10
Malware Config
Extracted
Family
asyncrat
Version
0.5.7B
Botnet
SecurityHealthServi
C2
20.8.122.174:31682
Mutex
SecurityHealthServi
Attributes
-
delay
3
-
install
false
-
install_file
SecurityHealthService
-
install_folder
%AppData%
aes.plain
Signatures
-
Async RAT payload 1 IoCs
-
Asyncrat family
Files
-
1992-74-0x0000000000400000-0x0000000000412000-memory.dmp
Headers
Sections