Behavioral task: behavioral1
Sample: a92bef216bec5b6fcc6a958305f81391.exe
Resource: win7-20230220-en
General
Target: a92bef216bec5b6fcc6a958305f81391.exe
Size: 127KB
MD5: a92bef216bec5b6fcc6a958305f81391
SHA1: 196de00aba5b37c7d7d5b7da6b6eb302257a81a9
SHA256: 7b9a9b11fc9794d4e31d647a3cab02fecdb048e81bc13d37d1c3533b8e96a8d3
SHA512: 1ddd77de29270944f9c25769b1dd0d655abea9ea7619af560a9160ef6648a09c559348236c65919a3ec63ab5a1b97e51a20fd2fe05a716ca52de2cd510e9f3a6
SSDEEP: 3072:lh0ZVtDuop7hxJB0S4rObd4r9MrUEkmnnnnnZ/iUvVfG:lh0HtDTpkrObaBM7nnnnngAO
Malware Config
Extracted
asyncrat
| Edit 3LOSH RAT
AsyncMutex_7SI8OkPnk
delay: 3
install: true
install_file: ContainerRuntime.exe
install_folder: %AppData%
pastebin_config: https://pastebin.com/raw/YgX9vKea
Signatures
Files
a92bef216bec5b6fcc6a958305f81391.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ