General
Target: SaladInstaller.exe
Size: 194KB
Sample: 240119-t531maaeb7
MD5: faccc962302c61af491cb9de2cb2d24b
SHA1: 2e6067b4a236086bf1031a74c385b612cc7a92c2
SHA256: 4da5f03e4aae4fdd3edcba4411497678312690f49b05790d2ae5fd4cb703147c
SHA512: 2749e3a344fbbf092cfcf1a9a9543bab41b11d6eca7f48f133c8184ef863fb5dfd5322bfc7ab6112ba91418187089c0d443cf049acdd1ef80fd92da3755bbe14
SSDEEP: 1536:Fp+AatpOJ9zbZUUnkJuuGaQtdQ3lAVclN:fctpOnzbZPhV0l6Y
Malware Config
Extracted
asyncrat
1.0.7
Default
DcRatMutex_qwqdanchun
delay: 1
install: false
install_folder: %AppData%
Targets
Target: SaladInstaller.exe
Async RAT payload
Legitimate hosting services abused for malware hosting/C2