General
Target: HBL draft 1.rar
Size: 508KB
Sample: 230609-j6pjhscc9z
MD5: 979382d22e0f50690dd6e114c241f07e
SHA1: c792927da1135aac21b3adc984f2f78473793bec
SHA256: 817310b0404cb8213fe6ca4c0d5ab28c0a8a9714a2c6440f55b3b5240a66b41a
SHA512: 91b9144580f159dfd539f8a64ae7f662241aaf1e14304f68e52294666b56079785c69ce74df576024999a37022f0b897fea4e12a06e0636823bf52ed4f05170f
SSDEEP: 12288:Wt5XUBymwuMzvlD2vNh2xzjUMzZhGD9FFKtn4BKDuf8GVIc3:WfUBymwuMzNDqrGzjUOKHFYn4wDPC
Static task: static1
Behavioral task: behavioral1
Sample: IgXNkefSCwhtVCR.exe
Resource: win7-20230220-en
Malware Config
Extracted
asyncrat
0.5.7B
Default
95.214.27.44:6606
95.214.27.44:7707
95.214.27.44:8808
AsyncMutex_6SI8OkPnk
delay: 3
install: false
install_folder: %AppData%
Targets
Target: IgXNkefSCwhtVCR.exe
Size: 627KB
MD5: c7b595da0280818998af6a5eaabeb6ed
SHA1: 97e0e2c7be4b44d058c4e40e75ff59582917a8e7
SHA256: 63b2add18bbd481c278a85e74c496918a12ea951301951134956e0b4449ebf39
SHA512: 01913066f42efc8dbe369239b260802a3280da9045ffd59a298acb9cb6bd9e877d9072c12cef8bee36b53ed1ed1715b4268c0cfa325aacdf5d351fb14c6eb3d2
SSDEEP: 12288:8Gmp0lWxMzIHREJVk/bq4izoW/m7/ePmr9eRf5ORReTed59dTqGiyxA+kqIt:dmilWxMiQW/O4ue7/ePNRROiyd+mO+k
Async RAT payload
Suspicious use of SetThreadContext