General
-
Target
WeNcYTMHxi.bin
-
Size
317KB
-
Sample
230311-jekq9agh45
-
MD5
801c183b963fe6aabdd9b10e540fe618
-
SHA1
be65bedc7c145034861e1de8caeda0453c95d6dc
-
SHA256
f0c1a54e1562622d481a6b1512713b14eedbe9ee41d3e04cd1141cd11cafaf8d
-
SHA512
880ef4b6f1deacf7fda92c1cf5a67eb34dd78d822a79cace0f09721a96321c5b7d1ddf86eb7f2bfce7e66d89dcf83f9259f73606a700a61fc97eefbad4a3d63c
-
SSDEEP
6144:5Pc/W50lVBpwrGJtxi5a/QETmT0ZkErwN+bAAv0peN+Gk4qQRKPEoNJiK5Ngml18:5Pc/W50lVBpwrGJtxi5a/QETmT0ZkErW
Static task
static1
Malware Config
Extracted
asyncrat
0.5.7B
Default
192.168.1.4:6606
192.168.1.4:7707
192.168.1.4:8808
AsyncMutex_6SI8OkPnk
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
WeNcYTMHxi.bin
-
Async RAT payload
-
Suspicious use of SetThreadContext
-