Behavioral task
behavioral1
Sample
Infected.exe
Resource
win10v2004-20231127-en
General
-
Target
Infected.exe
-
Size
63KB
-
MD5
0d5f683e10eb28000597e3c3d2594741
-
SHA1
a2fe5ca6ce2d9c3ff7fb733ee6a707c0dda17667
-
SHA256
bf7a53c5db252212663303fd5492a75244b43beabbcc5a59b131ee46f8bbeb40
-
SHA512
4d6341e43f3001c5ae6d38e7645d58f09849e6caf58f9879f52f1ec220bc0f306fab3d63c1c3f91b182f31b48d7d5f449654a32d103bc197102ea464e2525e56
-
SSDEEP
768:Qv0M2UM/978aQC8A+XjlazcBRL5JTk1+T4KSBGHmDbD/ph0oXn9Nd9QeSu0dpqKX:b1/k/dSJYUbdh9nn/Su0dpqKmY7
Malware Config
Extracted
asyncrat
Default
127.0.0.1:3232
127.0.0.1:13116
4.tcp.eu.ngrok.io:3232
4.tcp.eu.ngrok.io:13116
弗吾9g吾吉ΔdgTXBG杰Η诶k7
-
delay
1
-
install
false
-
install_folder
%AppData%
Signatures
Files
-
Infected.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
Imports
mscoree
_CorExeMain
Sections
.text Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ