General
-
Target
f630f5623fca093258f2d364792a06c8becdcf4b3778d4dcd57e2a4973a3d2bb
-
Size
86KB
-
Sample
231124-hw655sgd84
-
MD5
c2f12ab3b72a2099d712492e2ae14899
-
SHA1
b6389bdc2d78c23532758113d77fd1d230eb2988
-
SHA256
f630f5623fca093258f2d364792a06c8becdcf4b3778d4dcd57e2a4973a3d2bb
-
SHA512
b266f5f9066f4ef5325590b783a40cd46c817d8e37d1451603c06bce6c7aba5759b804bdd99e728caf4b569dd1bb7c7645769caef37fda490af21291cb66d4f2
-
SSDEEP
1536:2gckaSgfKzM23HwgZmZD9vEAcBoyglOhDHj4n/eZCLs2qB6aQQbgtgCODX2wUG:2gcxSgCzWZJveDEn/Xq7bgtgCODX5
Static task
static1
Behavioral task
behavioral1
Sample
f630f5623fca093258f2d364792a06c8becdcf4b3778d4dcd57e2a4973a3d2bb.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
asyncrat
0.5.7B
MicrosoftEdg
46.1.103.69:9371
MicrosoftEdg
-
delay
3
-
install
false
-
install_file
MicrosoftEdge
-
install_folder
%AppData%
Targets
Score
10/10
-
Async RAT payload
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-