General
-
Target
dccd94fcb5cd38b6077af35e7e85aaa867f263a9d00910197388e11e71c6b5e3
-
Size
6KB
-
Sample
231124-hp7s4ahd6x
-
MD5
142a3cc69d15044024d4ccd3282e20f6
-
SHA1
a2ebe1b4cddc1012ba96c8e4dc0905d95501f69b
-
SHA256
dccd94fcb5cd38b6077af35e7e85aaa867f263a9d00910197388e11e71c6b5e3
-
SHA512
9da05e395f0636b90d1c9132d485ca75bbb1a2bccfe46b1ae0c1bab6e5101928a2b548786e66aebde27e5b005ccdf0c48592b87659f7688a1976a70c1982ca6f
-
SSDEEP
96:QxWt79OKCFyRry6nGNjtMIYVfAYBsVvk+1vGxPd3ojprl:QxWl9ORFmy6GNJMINY2vkBPd8
Static task
static1
Malware Config
Extracted
asyncrat
0.5.7B
Winlogo
46.1.103.69:2341
Winlogo
-
delay
3
-
install
false
-
install_file
Winlogo
-
install_folder
%AppData%
Targets
-
-
Target
dccd94fcb5cd38b6077af35e7e85aaa867f263a9d00910197388e11e71c6b5e3
-
Size
6KB
-
MD5
142a3cc69d15044024d4ccd3282e20f6
-
SHA1
a2ebe1b4cddc1012ba96c8e4dc0905d95501f69b
-
SHA256
dccd94fcb5cd38b6077af35e7e85aaa867f263a9d00910197388e11e71c6b5e3
-
SHA512
9da05e395f0636b90d1c9132d485ca75bbb1a2bccfe46b1ae0c1bab6e5101928a2b548786e66aebde27e5b005ccdf0c48592b87659f7688a1976a70c1982ca6f
-
SSDEEP
96:QxWt79OKCFyRry6nGNjtMIYVfAYBsVvk+1vGxPd3ojprl:QxWl9ORFmy6GNJMINY2vkBPd8
-
Detect ZGRat V1
-
Async RAT payload
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-