General
-
Target
SecuriteInfo.com.Variant.Barys.432395.1653.178.exe
-
Size
103KB
-
Sample
230601-2g3zqahb8w
-
MD5
384cc4b1c3c5d9bce6eb9b1c70e2c54a
-
SHA1
5377096461d28b04866188b2c68d182e146f345d
-
SHA256
391a43e128f1ee34ce61bc1c787867f3c1d6f6af117db338d9186a94d2273c5b
-
SHA512
09a7bce1785f2ee7f8daf603e6eeba4643732311c9dc5225aece7c3e2b9270cf42cded5a0315312c363fc91f1d08f7122ecf8a3a03ed1889c4a2589b82352260
-
SSDEEP
1536:PHHE2mYzsMx9kU1JMZWEt24CUU4MdajsNOVat2RzbmK+OCuBqGRCCuvlMMgCcDc:PEKsMrkUQ4JUU4MCseat2RziKR7Obr
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Variant.Barys.432395.1653.178.exe
Resource
win7-20230220-en
Malware Config
Extracted
asyncrat
0.5.7B
Default
141.98.102.235:16296
AsyncMutex_6SI8OkPnk
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
SecuriteInfo.com.Variant.Barys.432395.1653.178.exe
-
Async RAT payload
-
Suspicious use of SetThreadContext
-