General
-
Target
test2.exe
-
Size
63KB
-
MD5
a6b6984d49636b219e58e00e044e0148
-
SHA1
a905952810ad0d694ce0012ca88fb6e2aa44b75d
-
SHA256
3213f4fcf0e572ac3ea6460af7478aacea9f70daceec692c2f8514e267a6f429
-
SHA512
b71a2e221f46032c901ac4846c6ee0aaa6f69e96a730eb4871b454a0043066c4ebf2d0915843423a8b6be40421fe8ba1032a68cce3aa8529180a4fcc831cf017
-
SSDEEP
1536:H1/k1+XU3RblJpUYUbhh988XuwdpqKmY7:H6iU3hiYUbh48NGz
Malware Config
Extracted
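Family: asyncrat
Botnet: Default
C2: tcp://5.tcp.eu.ngrok.io:18322
Note: the C2 host is shared ngrok tunnel infrastructure rather than attacker-owned, so the host:port pair is only a reliable indicator around the time of this analysis. Blocking the parent domain will also affect legitimate ngrok use.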
-
delay
1
-
install
false
-
install_folder
%AppData%
Signatures
Files
-
test2.exe.exe windows:4 windows x86 arch:x86
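Imphash: f34d5f2d4577ed6d9ceec516c1f5a744
Note: this import hash is produced by any .NET executable whose only import is mscoree!_CorExeMain (see Imports below), so it identifies the file type, not this sample. Use the file hashes above for matching.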
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
Imports
mscoree
_CorExeMain
Sections
.text Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ