General
- Target: deliverable
- Size: 102KB
- Sample: 240425-w14gpsdd3w
- MD5: 2c54896711f42eee6a5d723ba3cd9367
- SHA1: b1cb25c806d52ad6bc75f59f84c47e35f05e7373
- SHA256: 7a47b20b76b60679c02f127d0f1b6cafdd96916f8bc33a812c96368e7295331b
- SHA512: de43895cca7523dfbf53244cfd055621fbe932b861ee5117f79f40491921cfc032f452e746c10a39e633507dd00623a5b361f911b13a19da6963a8b8bbab95df
- SSDEEP: 768:1603LBrePKG3Aiock+wssfexjs8cfzXX/bCbhbEpXLaR/9tG5A/YcLlViRVn8nva:1UxjsNfWdbEYR/mqyUvW/
Static task
static1
Malware Config
Extracted
asyncrat
Default
- delay: 1
- install: true
- install_file: svchost.exe
- install_folder: %AppData%
- pastebin_config: https://pastebin.com/raw/z5PQ82wE
Targets
- Target: deliverable
- Async RAT payload
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2