General
- Target: 4661d321d22ead59aa1dcf7805b9680e.exe
- Size: 156KB
- Sample: 221128-yx89wsdc89
- MD5: 4661d321d22ead59aa1dcf7805b9680e
- SHA1: 0e87ec191765cbb62e9103e4cebc754314002e7d
- SHA256: 4ecdc9f6ebd035e8738d54d42686d571b2723c3c07b431e9cd551cfe1d09b8d1
- SHA512: 33d35b16524a010dbb08155708a9a6ed217d677ad4121e84131a1e1c59cd5fc0baa1f9dc1289bcc57e63be7dbc271d82008080a9acc8a30ba9fee10a4f511832
- SSDEEP: 3072:O6HomkMh4smo4GvX9m7+VBe16y71T+w/2FbM44:3+obvtIZIy7Wl
Static task
static1
Behavioral task
behavioral1
Sample
4661d321d22ead59aa1dcf7805b9680e.exe
Resource
win7-20220812-en
Malware Config
Extracted
asyncrat
| Edit 3LOSH RAT
Default
xxxprofxxx.dnsdojo.com:5126
AsyncMutex_6SI8OkPnk
- delay: 3
- install: false
- install_folder: %AppData%
Targets
- Target: 4661d321d22ead59aa1dcf7805b9680e.exe
- Async RAT payload
- Executes dropped EXE
- Suspicious use of SetThreadContext