General
-
Target
65dd5fbc588a39cc22d91923a4fbe3f3fca6fc964506470c6551f16ed89e3df2
-
Size
5KB
-
Sample
221225-jaa19aed4x
-
MD5
8615a8a7fa0a063cd143c3d4f1252666
-
SHA1
f664d4e086ccb6703e2aba9c3361373fe990b84c
-
SHA256
65dd5fbc588a39cc22d91923a4fbe3f3fca6fc964506470c6551f16ed89e3df2
-
SHA512
3a60a30bcc5b3de4d5342854ebed586e572b309185125efefba684c5451b482a822ca7e01d9640b7665b8ff2fb0ce7eb84f86b02b62833b01bdbd59fa875d5b2
-
SSDEEP
96:2OZZ79nSCFmOO0TUq8oftOENtUqXo8zntvngd3oj/rl:2Mp9nZFZnUq8okENtUqXLhgdE
Static task
static1
Behavioral task
behavioral1
Sample
65dd5fbc588a39cc22d91923a4fbe3f3fca6fc964506470c6551f16ed89e3df2.exe
Resource
win10-20220812-en
Malware Config
Extracted
asyncrat
0.5.7B
System Guard Runtime
85.105.88.221:2531
System Guard Runtime
-
delay
3
-
install
false
-
install_file
System Guard Runtime
-
install_folder
%AppData%
Targets
-
-
Target
65dd5fbc588a39cc22d91923a4fbe3f3fca6fc964506470c6551f16ed89e3df2
-
Score
10/10
-
Async RAT payload
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-