General
-
Target
csrss.exe
-
Size
63KB
-
Sample
230314-v66zcagg96
-
MD5
20ff76bc8767743371d05456fd806535
-
SHA1
3a8da060a3df7c3cc4e27fb3f821a962e6c01001
-
SHA256
fb157908b2c53df553e13a91e0c9093fe4e45f2cf0c29623cf901685aa8a3221
-
SHA512
830ca30dcb6f1d9001267cf0e118d25aeb6da12fca26d3d8e8ee862b0c9077c8d3a9b4f93750b63cac861c4a355c4ecf5c7ec3c471b43fb26daa9d30fc9dbf87
-
SSDEEP
1536:/5HfLgF8HquzFMUyWDwAGbbmwFL3rGMNVclN:/5HfLgF8DzFMUyWDZGbbmkfY
Behavioral task
behavioral1
Sample
csrss.exe
Resource
win7-20230220-en
Malware Config
Extracted
asyncrat
1.0.7
Default
DcRatMutex_qwqdanchun
-
delay
30
-
install
true
-
install_file
csrss.exe
-
install_folder
%AppData%
-
pastebin_config
https://pastebin.com/raw/3Z9zi18j
Targets
-
-
Target
csrss.exe
-
Size
63KB
-
MD5
20ff76bc8767743371d05456fd806535
-
SHA1
3a8da060a3df7c3cc4e27fb3f821a962e6c01001
-
SHA256
fb157908b2c53df553e13a91e0c9093fe4e45f2cf0c29623cf901685aa8a3221
-
SHA512
830ca30dcb6f1d9001267cf0e118d25aeb6da12fca26d3d8e8ee862b0c9077c8d3a9b4f93750b63cac861c4a355c4ecf5c7ec3c471b43fb26daa9d30fc9dbf87
-
SSDEEP
1536:/5HfLgF8HquzFMUyWDwAGbbmwFL3rGMNVclN:/5HfLgF8DzFMUyWDZGbbmkfY
-
Async RAT payload
-