General
-
Target
jt4ig5.bat
-
Size
273KB
-
Sample
230221-b8kpcafb3z
-
MD5
5ed6410621bf4ec6f9f7009649be570c
-
SHA1
485ff0f41394b207d45b4042c7d9be8b404885b7
-
SHA256
5c62c4d6d511d2c9cddd9d22762bc6ad0f44d3e3d28648566a333b8790919722
-
SHA512
e27a2b934b5b1b7438cff5dde72f6b4d4a72c21a0d6016caaefc8b04a79a244f154d5781fce5d3e1430ee37562f372560e72b70ad5843f7d879304b1f9553b5d
-
SSDEEP
6144:K+Hn1UVzVtPs0CpvH04haQ2fGnxOW6y1vAw:K+VUVzVFEpf04h+esWT1x
Static task
static1
Behavioral task
behavioral1
Sample
jt4ig5.bat
Resource
win10-20230220-en
Behavioral task
behavioral2
Sample
jt4ig5.bat
Resource
win7-20230220-en
Malware Config
Extracted
asyncrat
0.5.7B
Default
95.216.102.32:6606
95.216.102.32:7707
95.216.102.32:8808
AsyncMutex_6SI8OkPnk
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
jt4ig5.bat
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Async RAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-