General
-
Target
MSBuild_exe_PID1db4_MSBuild.exe_B70000_x86-cleaned - Copy.bin
-
Size
64KB
-
Sample
231122-ayrjgaab91
-
MD5
0076928a0a3b0d3b0e79afdee0b5c518
-
SHA1
8c8e1f8fddfb7027330a63cf6920e46213467393
-
SHA256
388517eb86d55d3225b12e48207c028fece5eaf29537bbb127ae54cb42a6d2ea
-
SHA512
2abbbd1af1cead70c5b36763b408c3792132970aebfca3169a032e0ab3d29536f5b3f77b195d6ed90cd5dbbb387253d2ac1b249da78d11e03b8f9b99243fbedc
-
SSDEEP
1536:gQRHQgEDFVRfZaUITkmYXXsuP5BM1KHGcZrPlTG3x:gvgED9fZapImYXXTP5BMDcZdIx
Behavioral task
behavioral1
Sample
MSBuild_exe_PID1db4_MSBuild.exe_B70000_x86-cleaned - Copy.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
MSBuild_exe_PID1db4_MSBuild.exe_B70000_x86-cleaned - Copy.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
asyncrat
| Edit 3LOSH RAT
TRACKMONEY
trackmoney.dynuddns.net:5959
AsyncMutex_6SI8OkPnk
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
MSBuild_exe_PID1db4_MSBuild.exe_B70000_x86-cleaned - Copy.bin
Score
10/10
-
Async RAT payload
-