asyncrat | 595f4fc0f66cfba69430aad00411be104f37958edbbbb773a105b2b9f06f6fa8

Sharing

Copy URL

Twitter E-mail

General

Target

Salad-1.3.4.exe
Size

467.5MB
Sample

240113-f5s9jadde5
MD5

b9d775ef39dba804c75a32836016f567
SHA1

30f5af4c9c1d874ec0c52c630527d11732e9f4a0
SHA256

595f4fc0f66cfba69430aad00411be104f37958edbbbb773a105b2b9f06f6fa8
SHA512

479446be5c13155c552e22d457d9d8d08eec61901d30443db9c62f9a2bf4cc36a0599fe0aece5d1ebf042c636d83755e5ffd482596c636d0d1b6e1cb8ccc5a37
SSDEEP

12582912:Db6PrbktwHrNq6Z+0Xi5iZoMgfcdzRuzyuB:Db6jbewBnZ+0UCgfE8t

Score

10^/10

Malware Config

Targets

- Target
  
  Salad-1.3.4.exe
- Size
  
  467.5MB
- MD5
  
  b9d775ef39dba804c75a32836016f567
- SHA1
  
  30f5af4c9c1d874ec0c52c630527d11732e9f4a0
- SHA256
  
  595f4fc0f66cfba69430aad00411be104f37958edbbbb773a105b2b9f06f6fa8
- SHA512
  
  479446be5c13155c552e22d457d9d8d08eec61901d30443db9c62f9a2bf4cc36a0599fe0aece5d1ebf042c636d83755e5ffd482596c636d0d1b6e1cb8ccc5a37
- SSDEEP
  
  12582912:Db6PrbktwHrNq6Z+0Xi5iZoMgfcdzRuzyuB:Db6jbewBnZ+0UCgfE8t
Score

4^/10
behavioral1 behavioral2
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/CommandLine.dll
- Size
  
  220KB
- MD5
  
  05c71fa3a6fc561d7a1f919437dbddfd
- SHA1
  
  5a8cd6b38ee5d63c60c7747de6b5469ba5d1e6b2
- SHA256
  
  8a55501cd1a1590a4bd93a17c6fdd2c01a0ed5bff1aea9036bdc78d98c9a3fad
- SHA512
  
  1ab183d67220c8b8999b6ac032ac304f57960faf0e908404ffa3aa37c010d1a063d7734923a1576f18a69f7300b01fbbb395e3dca971e1b125b1b3b67ab858d0
- SSDEEP
  
  3072:6G/MfUAMcCbPpKNQ6acJ8vG+L+ERbE9K/ShQvtpEI1aEvjc94OFS/Gi+XFEbliWb:6G/zAnUPpKO6acJ8n+Ez/5wECkliitf
Score

1^/10
behavioral3 behavioral4
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/FluentValidation.dll
- Size
  
  464KB
- MD5
  
  1b7345fe29573163e60dfa751550b0fe
- SHA1
  
  36c6cce8cb3332eb0e6c7607bac6b812032262d5
- SHA256
  
  3cf522a96792bc4a0d8e8d7da1843c193054e2006c104062c937f67aa560fa02
- SHA512
  
  77a85d27350209dd8c75a9b8067e03f4471b7ece9df2ac8801591896bd0aaa86d9b4d496dfe6f77a2f4773d95067f57660600d85f6040a0472ac464e2bb69f25
- SSDEEP
  
  3072:unvCD/jidiniDiCiai2ifiyi/iliPinKjipi7iMi+ivi+ZiFciViqitiHigdziNy:unYx2yJqAoICJksWxkvb8y9yoBFiJI
Score

1^/10
behavioral5 behavioral6
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/clretwrc.dll
- Size
  
  302KB
- MD5
  
  0b313390c5c58ead45c65affbb8b227a
- SHA1
  
  bab60c8008720afddc47df95ef128b773170b199
- SHA256
  
  99f6766b1ac711ef64f2abc042c25a88e817d9aab8aa63137d41f609e576c3e8
- SHA512
  
  9bfdff68e8265d0f175e7c13fe2d859775b79f8f679b1572ef02f4c1bf05112441edf6c58e389a312a1a6a213a0cd9c5b22c08106b7cf19c9410e9a115a4349e
- SSDEEP
  
  1536:HW19XpU6HFSRFiwJ1Q6aCFhglzTLX4GD0g56TCZFQqo5R8Uxxf4SthiW+zf:219XK6lSblhglz3IGD0gMTCPQX7f4SET
Score

1^/10
behavioral7 behavioral8
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/clrgc.dll
- Size
  
  420KB
- MD5
  
  58ccec88f3a96bc236b4f76fa3ae8b1d
- SHA1
  
  1035acca88ed26a0ab8830b047e94514dd4bbbb9
- SHA256
  
  7da076b28ce05595dcbccd618b1a487922f33572dbe8914766e114eec7603720
- SHA512
  
  aa14e67fd1f376dfe4a9b119e07e0afeade563bf10077f4787314adc8335832fb81fb2834e0d40cbaf34c111acb1ac0b747142f54e6e3c4f22c15aedd0f340c2
- SSDEEP
  
  6144:trAf2NFmdxkWAbHUCG3XQFTJlC1zcXjmOBUOKCGyZlFZZE5zQGwBQJGcquJe/pja:uf2exkWAb0CFXotOKCvlDGgFcpia
Score

3^/10
behavioral10 behavioral9
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/clrjit.dll
- Size
  
  1.3MB
- MD5
  
  cb493e870594b61b604fabff76c1ea5c
- SHA1
  
  3ac8a5ffec57e9fbf075ed553c9ed0e39b437160
- SHA256
  
  e16ba65f1abdc427a6b25a07ac4e0d7f5dc678c4b16c1b80c84649cfc732e476
- SHA512
  
  e94ef95ab671f451be242be0dff9ed0e366f68fe470da85e402643aff2c893a51c2c95a72d48bcf9938057a5115bd64b944d4f4d1363d85a76f483895e1c5f35
- SSDEEP
  
  24576:exxCOcH8i/i4mEpPlwaicSii4Dh9rCkGPsQTTJz5+I8vOWN63dolpKQL1SHet:UxaH9EKPlwai94DrrCkGdJt+dvx6toBH
Score

1^/10
behavioral11 behavioral12
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/coreclr.dll
- Size
  
  4.1MB
- MD5
  
  67035314cca8853cd098d82b9d2c403b
- SHA1
  
  2d6d27c2d6d2d2c41fb97459011bf2a6c739a047
- SHA256
  
  7ee447ef0a3125c1f41162e6f8db6575dffff574e91aa1df356bcc85b21d0ec2
- SHA512
  
  b0298790ba67409d441ceb0f70acad6c242e85e169864c31462613d4ebdc10a14e4d64cde1f5f86c332ecea34f6e880fc5355ae2daf9a88b96875babcc6fd649
- SSDEEP
  
  98304:erDpJIc5x5rH/rhf9kSO6FdEFsecv054MzwlXaXQxoyRaf:oDpJLBrfrhBO6FdE+e/53klGILAf
Score

1^/10
behavioral13 behavioral14
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/createdump.exe
- Size
  
  48KB
- MD5
  
  380a2f49e56bb2f8257afd097f4976f0
- SHA1
  
  7f509ba81f16fe1d065fa167484a988086ecb011
- SHA256
  
  5bed0c4b400187ffc109d997ddc5ca18d09c841e5f6e2439f90c77fef632602d
- SHA512
  
  ff21ecf0a52a270f5c30de9798faa3eb8b5dee46dddc6e83e54ae6ecded71f2e7e1e8f891af53d07d8eb51122b5a8143cff735dc9ebd6cde97c4073020383301
- SSDEEP
  
  1536:+IbDBksGQYHAprVjYxoILZhRWuHkNUHo9bkHVC/x:+IbDBksGQYHAprVjYxoxuENUHo9wY
Score

1^/10
behavioral15 behavioral16
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/hostfxr.dll
- Size
  
  309KB
- MD5
  
  a4648b8479844ef5255b5699985e9b45
- SHA1
  
  b16ff8a5ba6b3fa7b77aae2b49047ae19f4b8212
- SHA256
  
  785679ed0f6252596421f38bd5caa49c15ae8e0cf838317bbcd4ce8358f5a0af
- SHA512
  
  8d9e00bbfbed30b41a1e36e03b823f8d5e784c2dea772a186bd57492cffc02488cbf689ad0e367319cf0034a94ffb3f869a7b13309c8b27e7d37001fb82ae8a0
- SSDEEP
  
  6144:5nnJi3yQLKLV1JAl6hHz+T9pCH4MpTHcJKptZMZQ9Za2sd7Os6zucgo6k:5nnJi3xeV1JAuHz+T9pCH4aOK2S7RsdY
Score

3^/10
behavioral17 behavioral18
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/hostpolicy.dll
- Size
  
  324KB
- MD5
  
  5df73310d9eea7432f6a398f9c3bd94b
- SHA1
  
  5dd0048a5256c9403f2a3af0ae3bd426a56d01a6
- SHA256
  
  47fec17f5f49b897d0d75c22ebdef9edb8d7770f0bea0ae100c02776f153849c
- SHA512
  
  99112c410d8d2a3ca20d770027b53217b60a8e212693137af2307a2d2c6c87e7968b8a630460a4f01c566ac566952d6642a0f462d1f7ee85c487b54bb74c86b4
- SSDEEP
  
  6144:3Rah8Oj3xdqzlWpD1VwLycfqkYVTvsvMqz/mUrtDgh/aLXUC4:LO9szkN1iLyoYVTk0i/mUhA/gXK
Score

1^/10
behavioral19 behavioral20
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/mscordaccore.dll
- Size
  
  1.2MB
- MD5
  
  c6f545bdb14ddec631d681c383cfbdbe
- SHA1
  
  fc49951fb35fe43fa3f9eaa4dcc4885784f0b12b
- SHA256
  
  53ab4487085ada41f159af42173ffa5a3f7293f193e597314a9ae10b39572e16
- SHA512
  
  3b9ea1fdbde416a6e077f3f4eaf6b9bbe36fdfb46d81174a3756fa18f1a450e29d78199428c881107644796af4c0c9996c2150b4be7732243362444f222def32
- SSDEEP
  
  24576:sQvPfovVh0mAXWgaqmq6xOqDZ8W/985Jd7XvsdJaIUgva/E:NPfodhq1A181LAaIUgva/E
Score

3^/10
behavioral21 behavioral22
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/mscordaccore_x86_x86_7.0.1123.42427.dll
- Size
  
  1.2MB
- MD5
  
  c6f545bdb14ddec631d681c383cfbdbe
- SHA1
  
  fc49951fb35fe43fa3f9eaa4dcc4885784f0b12b
- SHA256
  
  53ab4487085ada41f159af42173ffa5a3f7293f193e597314a9ae10b39572e16
- SHA512
  
  3b9ea1fdbde416a6e077f3f4eaf6b9bbe36fdfb46d81174a3756fa18f1a450e29d78199428c881107644796af4c0c9996c2150b4be7732243362444f222def32
- SSDEEP
  
  24576:sQvPfovVh0mAXWgaqmq6xOqDZ8W/985Jd7XvsdJaIUgva/E:NPfodhq1A181LAaIUgva/E
Score

3^/10
behavioral23 behavioral24
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/mscordbi.dll
- Size
  
  1.1MB
- MD5
  
  2633a5a90e4508e91879fb0ad8f55f73
- SHA1
  
  981ab04c19009df817ec9e857c0a3e0b2f869ace
- SHA256
  
  092d9c52bf705abd2832bd6f4b97f75075e77a0a928794194017d5a159c3240b
- SHA512
  
  858c921369f76af6aa8404942a842aad2be7975769ec5d753ba8dd19f1c0535038105ff1f8d8313e130069e35e2ddfb6a6c8c8872f5882e0d3217dc9a5938786
- SSDEEP
  
  24576:dbd3w1Y7GDSztheMdOcOVpVqsnvyxhQo5vzMIegCbGpb:YKkSbeMSsCyxWoZzMIebbG5
Score

1^/10
behavioral25 behavioral26
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/mscorlib.dll
- Size
  
  60KB
- MD5
  
  3d0f8eade43aae6a63bca03eeb887a1a
- SHA1
  
  bb6323b4370276405792ddba4823cf5983c4e381
- SHA256
  
  609878593477cf0513d7136625cd86ec4bd6a26a50127cebb7aa8b6c858d725a
- SHA512
  
  7d8ff7a2501e8a4861543a6b0bb942834759a08811893bc44130d23e0a44ee57eb0e10c4e1915e50dbf4df3fb3f462057a04fd68aa1a94fbcf206ff2f74b5661
- SSDEEP
  
  768:OEOJcQBW0qhwGmjYD5b4bahyTlG1QPg0ClAVOQW2ivD9zzda40:bUBW2bjYD5b4bCyTc1l0LODzvpzJg
Score

1^/10
behavioral27 behavioral28
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/mscorrc.dll
- Size
  
  134KB
- MD5
  
  870d553b2c5c94b48e7793406ca92319
- SHA1
  
  bc56f1c90a3b7478f040d0574bbd90ccbd595abe
- SHA256
  
  66e07a37e054c5a42cc667145adfa692d65082fb01644dc40ffc891277237a4f
- SHA512
  
  b07689be8c4fa0e44b700b0d35c1c7e92ae7f11d22686d41b33240aa09849f2dd843b43f0e9bd879da6b7dd8210837537c78fcdef66613e92661ccf074e73e19
- SSDEEP
  
  1536:u9n915Wvh7xzHlZdZU+NWSqJInwJ1cvoMgSWctpoECiXyezzk:Sv+lZdZUrSqinYHSnSUiec
Score

1^/10
behavioral29 behavioral30
- Target
  
  $LOCALAPPDATA/Salad/workloads/gpuz/msquic.dll
- Size
  
  445KB
- MD5
  
  9b7621fb667db9bf8733b45974a76a50
- SHA1
  
  503781f377db0fe0e3018c6014b4d2bac9c8feca
- SHA256
  
  0baeb1b5b382ff135e7a2c0780d2f73a8f23402e8ace7fa5154eaeea8f5c6eb8
- SHA512
  
  4b3d239defc293ac505d69d78b2bd490f5dbec5cc957c6fbc05258f74283f6eb2872ddba7fb3debd2c251e69575d44eb052b7aa7e47922e46951be6902dba603
- SSDEEP
  
  6144:CJ8fs+wmP1mArO2AhFXE9zwynPArHnd8NznaT7ixm8wJPVMTECyli2Pg/1LG8rvn:GHY1nrTvzwynJznafiwhVMT+Ntu
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32