General
- Target: FUDSilentCrypt1.5-main.zip
- Size: 172KB
- Sample: 230218-f55bssae5v
- MD5: c36a2d997ed8b1c82eb6919f79cda2fd
- SHA1: 71e4a5e6873729c38a5e71000a7a38c57e89f43d
- SHA256: e2eaae26aa19bcc4f9c18696a044c032e697a6a8c3dc34abc2e68767d2f9aa0b
- SHA512: 930ecf5cba78592432f40fef76c9d9b45f9a88d3f0ccf692e830bc397a794b35472df95e631e8175cc112b5713c9ba4f4479f4d55a9d731931ef4cfd409669f3
- SSDEEP: 3072:4YKrLuHfoaUIVfAY5M6jxCanTcGKw9nlj1B1b7gWOGMGOEfvFkbhWS:QyfooJp5M2CanTcanljLt7gQ5fvmsS
Static task: static1
Behavioral task: behavioral1
Sample: FUDSilentCrypt.exe
Resource: win7-20220812-en
Malware Config
Extracted
asyncrat
0.5.7B
Default
194.49.94.163:6606
AsyncMutex_6SI8OkPnk
- delay: 3
- install: true
- install_file: RuntimeService.exe
- install_folder: %AppData%
Targets
- Target: FUDSilentCrypt.exe
- Size: 53.0MB
- MD5: 377475407f594a9a3054c3b012b52889
- SHA1: aab2a193aae478408be5b41f9c24a4d7e7ecf5ff
- SHA256: 73da672e9c1adc2e13625aeb89bcc6f78382ff96ee41c25a6ccb817bc65e8521
- SHA512: 68bce781a24c83713747695a6e19cd38b6066eb8c4866ca91c668190abf07aa99ac07e63059ae0b3c4564b1f7f97c0b818378ff2a2458b9100ef4597db68c89b
- SSDEEP: 6144:Ih0CzEeWuPeZ3NUMOnpTdioT2NeLGp/uwONct43+4gU:W9zEGPeZ3Megce6pGHNu47gU
- Async RAT payload
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL