General
-
Target
0x00090000000122f1-69.dat
-
Size
45KB
-
Sample
230202-vga6daeb5s
-
MD5
4b3284d70137fee18f1068d0b3ec3819
-
SHA1
24a47e72ea5f76bbc37b0281bb24508b631157de
-
SHA256
8ae63775359fa46ab17567259a6a504c60113868d706c1649b7e404aa0343010
-
SHA512
693cb57ee01b48daa08c3165187d29aad402e8fe8341e1050c0e6bfc7463b2723a6e5c6af762457cffee8ae2836fb3c7f3a73dfdd1ff50d51abc1e8f970d525d
-
SSDEEP
768:zuQSNTvEEaBrWUXQd5mo2qmibq/aSh6PIRzjbfgX3imDRq/JyfBDZvx:zuQSNT8542x4qjDR3boXSgRndvx
Behavioral task
behavioral1
Sample
0x00090000000122f1-69.exe
Resource
win7-20220812-en
Malware Config
Extracted
asyncrat
0.5.7B
Default
135.148.113.4:6789
AsyncMutex_6SI8OkPnk
-
delay
3
-
install
true
-
install_file
Service Host.exe
-
install_folder
%AppData%
Targets
-
-
Target
0x00090000000122f1-69.dat
-
Async RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-