General
Target: 279da621a31ae6331d05536c2bf5bab48290a22f276d50edc65aaa4f6d25abfa
Size: 5KB
Sample: 221227-h4g6zshf5z
MD5: f06d2b32fd1a26d08d0199b3e9942356
SHA1: 545fb4409348a4786e06654b647c15dfbe473137
SHA256: 279da621a31ae6331d05536c2bf5bab48290a22f276d50edc65aaa4f6d25abfa
SHA512: 9b01f6c989ed324b61cd4a1ca39dc3c745190af71a5a72853b08a18b9ead454a3689ee553ef1cd31e7da478eda27712bd0a7666a4e9857a73c85118ebcfd64d8
SSDEEP: 96:u679uSCFHm+NEsdPML8M/mYG4ntvngd3ojfrl:uc9uZF5NEqP68M/m2gdA
Static task: static1
Behavioral task: behavioral1
Sample: 279da621a31ae6331d05536c2bf5bab48290a22f276d50edc65aaa4f6d25abfa.exe
Resource: win10-20220812-en
Malware Config
Extracted
asyncrat
0.5.7B
DefenderSmartScren
217.64.31.3:8437
DefenderSmartScren
delay: 3
install: false
install_file: SecurityHealtheurvice.exe
install_folder: %AppData%
Targets
Target: 279da621a31ae6331d05536c2bf5bab48290a22f276d50edc65aaa4f6d25abfa
Score: 10/10
Async RAT payload
Blocklisted process makes network request
Downloads MZ/PE file
Executes dropped EXE
Suspicious use of SetThreadContext