General
Target: 400000.RegAsm.exe
Size: 3.9MB
MD5: 8eb2858db016afca3c0b456b9eaa6cb4
SHA1: fac7f04ab914af61fb57fa79be1355dba1ec424a
SHA256: c6347a16b97b4944cc6f3d6773f2f0604d224bf4a44121427d5c228c5b07e23f
SHA512: 5bf48ac0062ee27ff9bccc36ac97f3a227c7e3f6ddb72d3dad2eb5d617ae807c943cd68840791abbb3a266a3b6e5144d7462b94abf9c0262d30433edda70d822
SSDEEP: 98304:377Pmq33rE/JDLPWZADUGer7B6iY74M/0GmlwXVZ:/+R/eZADUXRd
Malware Config
Extracted
bitrat
1.38
akatabit1915.duckdns.org:1915
communication_password: e10adc3949ba59abbe56e057f20f883e
tor_process: tor
Signatures
Files
400000.RegAsm.exe.exe windows x86
Headers
DLL Characteristics
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 2.4MB - Virtual size: 2.4MB
  IMAGE_SCN_CNT_UNINITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
UPX1 Size: 1.4MB - Virtual size: 1.4MB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
UPX2 Size: 4KB - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE