General
-
Target
sklep_monopolowy.accdb
-
Size
428KB
-
Sample
240305-j3bhgsbb56
-
MD5
ff88e1d5547549248b0a2571b01cfe7d
-
SHA1
92668c508e8d0026680b2fa117eee19b6766b1d8
-
SHA256
ee8355abd19ca527294ee826a7a929d933099a1ea72c931d32f3fef2b8b2b939
-
SHA512
0a7de90c40381bf6387112e98c9e754ac27cbd3b77780ced075502674377b312f3daa7c7cb76742daa7002a03cd80377190b9bc98ab1d7d0436ffa737aae6d33
-
SSDEEP
768:ptlJiSuYSoUJTV+mZryeox4Vw7EWN1L3dR93J34dL1EH81L/dRdJD3dRdHdRdq:pgSuYiVCPOaQWD3djlad5drdm
Malware Config
Targets
-
-
Target
sklep_monopolowy.accdb
-
Size
428KB
-
MD5
ff88e1d5547549248b0a2571b01cfe7d
-
SHA1
92668c508e8d0026680b2fa117eee19b6766b1d8
-
SHA256
ee8355abd19ca527294ee826a7a929d933099a1ea72c931d32f3fef2b8b2b939
-
SHA512
0a7de90c40381bf6387112e98c9e754ac27cbd3b77780ced075502674377b312f3daa7c7cb76742daa7002a03cd80377190b9bc98ab1d7d0436ffa737aae6d33
-
SSDEEP
768:ptlJiSuYSoUJTV+mZryeox4Vw7EWN1L3dR93J34dL1EH81L/dRdJD3dRdHdRdq:pgSuYiVCPOaQWD3djlad5drdm
Score10/10-
AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
Async RAT payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-