General

  • Target

    shellbag.exe

  • Size

    236KB

  • MD5

    9011c72cedf26b22344200de45c0e623

  • SHA1

    07cfd9584eda2a0372fc1067e2be1d01a8474bad

  • SHA256

    6869292594223bf8c5d0ef6c91d4e92879034c0e5cfbe5148e9abd918e36ed3f

  • SHA512

    a7b46039a6f4a24cce8454351836a1216cbe9a25d39dc38728d496d6946c76d5fa1d75912879c828d05732ea9342f5d1f98bd4a4d4f2d0043f4d29c82c0c198e

  • SSDEEP

    6144:ZLbUwF9kfK8rpClz0KBb6o589GHWHWujiSPb8:Z8gBuj/PQ

Score
10/10

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

fl-survivor.gl.at.ply.gg:4444

Mutex

NkmH0uI1CDbyΗUj杰LMOcn

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload (1 IoC)
  • Asyncrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • shellbag.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

