General

Target: fd4b5f2b52d9a4db5a1caa4b036d180eea257637f57d5abbda88e7dadfca8920
Size: 2.6MB
Sample: 231124-hw73fagd85
MD5: 18450bd9ae592e0d6f358fcc3dbc44ca
SHA1: b87ae1e1b94363e852ccb56ad6e9be98bdf1b127
SHA256: fd4b5f2b52d9a4db5a1caa4b036d180eea257637f57d5abbda88e7dadfca8920
SHA512: 490ea30d12270b1db0bd6872dcc38f92b1773bb80c9e0f539b27f4c4cd99b82798bfb67ae9000c89489f3ac87e4a60054d84f17521a076bd3004a616e6233fbb
SSDEEP: 49152:/WsTEkwghTKv4jysGUqgCoOtt1JKMNFRjJYKWpH:/FEkwghTKv4jysGUqgCxtthNFRje
Static task: static1
Behavioral task: behavioral1
Sample: fd4b5f2b52d9a4db5a1caa4b036d180eea257637f57d5abbda88e7dadfca8920.exe
Resource: win10v2004-20231023-en
Malware Config (Extracted)

asyncrat 0.5.7B
MicrosoftEdge
46.1.103.69:9371
MicrosoftEdge
delay: 3
install: false
install_file: MicrosoftEdge
install_folder: %AppData%
Targets

Target: fd4b5f2b52d9a4db5a1caa4b036d180eea257637f57d5abbda88e7dadfca8920
Size: 2.6MB
Score: 10/10

Signatures:
- Detect ZGRat V1
- Async RAT payload
- Drops startup file
- Suspicious use of SetThreadContext