General
Target: 9ce4aff682a4faa9c09793f5a0f09db075786fe2d3098acf7553c62df22fa766
Size: 87KB
Sample: 221107-xrvzmsdce7
MD5: 1ac438d233f333474b959f8c0cb719af
SHA1: 9e64e2e4c3f295829a57810853a112b567209301
SHA256: 9ce4aff682a4faa9c09793f5a0f09db075786fe2d3098acf7553c62df22fa766
SHA512: c5fb1dcf19be5dd5f1526b5a3572ae7fbd7efe63453cb7b5babd7d494d48b8c264d0c302658976a50b1b8d2f52874765631d6b9b64f5f1903bf674af81ca3990
SSDEEP: 1536:7UZggBc01k4Br4bk4OAsZ08PL4IBQF7EiMsf617xIatwIavbgoeaZ91x2uta:7UigBMRbBi/MGQF7EiMe6xZtqbgoeY9s
Static task: static1
Behavioral task: behavioral1
Sample: 9ce4aff682a4faa9c09793f5a0f09db075786fe2d3098acf7553c62df22fa766.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted: asyncrat
0.5.7B
SecurityHealthSeurvice
217.64.31.3:8437
SecurityHealthSeurvice
delay: 3
install: false
install_file: SecurityHealthSeurvice.exe
install_folder: %AppData%
Targets
Target: 9ce4aff682a4faa9c09793f5a0f09db075786fe2d3098acf7553c62df22fa766
Size: 87KB
MD5: 1ac438d233f333474b959f8c0cb719af
SHA1: 9e64e2e4c3f295829a57810853a112b567209301
SHA256: 9ce4aff682a4faa9c09793f5a0f09db075786fe2d3098acf7553c62df22fa766
SHA512: c5fb1dcf19be5dd5f1526b5a3572ae7fbd7efe63453cb7b5babd7d494d48b8c264d0c302658976a50b1b8d2f52874765631d6b9b64f5f1903bf674af81ca3990
SSDEEP: 1536:7UZggBc01k4Br4bk4OAsZ08PL4IBQF7EiMsf617xIatwIavbgoeaZ91x2uta:7UigBMRbBi/MGQF7EiMe6xZtqbgoeY9s
Score: 10/10
Async RAT payload
Adds Run key to start application
Suspicious use of SetThreadContext