Behavioral task
behavioral1
Sample
Optimix_client.exe
Resource
win7-20240221-en
General
-
Target
Optimix_client.exe
-
Size
45KB
-
MD5
bc9efb1b76331a392346d4cce9c3b177
-
SHA1
ecd6d5584ab75f5735a69864ecf74dddde8683a1
-
SHA256
d948a6af0e9a1e9981669d300da54d84e526fc55e9654b8de1ba58821e14b96b
-
SHA512
4969259be841c308d791c16d0645e8f72db3f8708975bd9682ae630cca4c8f27b778d48387b5f17f1a1d82f3b8392cfbe95f8d5cd860ad25543f0d520e6b3f19
-
SSDEEP
768:luAINTHkvSbWUnFKJmo2q7XIrzXIxOPILzjbjXgXAiHFeq1BDZPx:luAINTHgN2Lv83L3bEX9leqbdPx
Malware Config
Extracted
asyncrat
0.5.8
Default
192.168.0.76:6606
192.168.0.76:7707
192.168.0.76:8808
192.168.0.76:4444
YNGv5uoT0xzv
-
delay
3
-
install
true
-
install_file
ProtonyteAntiVirusSetup.exe
-
install_folder
%Temp%
Signatures
Files
-
Optimix_client.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ