General
- Target: 38bc5a446e6cbfd8719867dbb1107e2bac10a6cafab57f2b6b3524375209fe76
- Size: 192KB
- Sample: 221207-nnapvsce54
- MD5: 3246acde7d64ed7e91abb238cf23f212
- SHA1: 66bc8ebce42692ea61ccae7ca3dfced83ea0b5f0
- SHA256: 38bc5a446e6cbfd8719867dbb1107e2bac10a6cafab57f2b6b3524375209fe76
- SHA512: 2edf167585d8713f89c4ac4276893711d4cce5d593ef74d9db1f13e81dea3f2ee7cfbf44a1d5d3558c01564c69afbc997367f0e498c27d3aa4d1b98badd2bebc
- SSDEEP: 3072:8Ay/OIASkWdW8Z1OYlP0tguw7VZ7F7dzwQS+tjOUobT5FQJgIPHNPYX+IMYp:8AgxnkYJegu2NJf7jsb1FQSIPHNPYX+U

Static task
- static1

Malware Config
Extracted
- Family: asyncrat
- Version: 0.5.7B
- Botnet: Default
- C2: chinasea.duckdns.org:5201
- Mutex: AsyncMutex_6SI8OkPnk
- delay: 3
- install: false
- install_folder: %AppData%
Targets
- Target: 38bc5a446e6cbfd8719867dbb1107e2bac10a6cafab57f2b6b3524375209fe76
- Size: 192KB
- MD5: 3246acde7d64ed7e91abb238cf23f212
- SHA1: 66bc8ebce42692ea61ccae7ca3dfced83ea0b5f0
- SHA256: 38bc5a446e6cbfd8719867dbb1107e2bac10a6cafab57f2b6b3524375209fe76
- SHA512: 2edf167585d8713f89c4ac4276893711d4cce5d593ef74d9db1f13e81dea3f2ee7cfbf44a1d5d3558c01564c69afbc997367f0e498c27d3aa4d1b98badd2bebc
- SSDEEP: 3072:8Ay/OIASkWdW8Z1OYlP0tguw7VZ7F7dzwQS+tjOUobT5FQJgIPHNPYX+IMYp:8AgxnkYJegu2NJf7jsb1FQSIPHNPYX+U

Signatures
- Async RAT payload
- Drops startup file
- Suspicious use of SetThreadContext