General
-
Target
dd256157a85a12405cbdf789af1b2442
-
Size
1.8MB
-
Sample
240524-ssfh5aad8v
-
MD5
dd256157a85a12405cbdf789af1b2442
-
SHA1
215b9612eec327982a956ada1c5c9ca0cb934b0b
-
SHA256
37157625bef24977ce0cf11e74b3d5c8412a0638b541e51cc0944b5127b2469d
-
SHA512
4e6b8dcc6cf00c85d3a68a412555e370a5d63ee480594e7a7ee6f8289e2873ea4b2860d6e5a7e3bd77ea1c079132ecbf9010bb6e47683c6c49ac640357fee2f3
-
SSDEEP
49152:P1opHluallLeIfGpD+ePfGaBbVoJLshVGbdMeaLaf:N2HluaDp7WmeJaf
Malware Config
Extracted
asyncrat
1.0.7
ORO-BENDITOS 2
krakenstudio061Q.casacam.net:8002
DcRatMutex_qwqdanchun
-
delay
1
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
dd256157a85a12405cbdf789af1b2442
-
Size
1.8MB
-
MD5
dd256157a85a12405cbdf789af1b2442
-
SHA1
215b9612eec327982a956ada1c5c9ca0cb934b0b
-
SHA256
37157625bef24977ce0cf11e74b3d5c8412a0638b541e51cc0944b5127b2469d
-
SHA512
4e6b8dcc6cf00c85d3a68a412555e370a5d63ee480594e7a7ee6f8289e2873ea4b2860d6e5a7e3bd77ea1c079132ecbf9010bb6e47683c6c49ac640357fee2f3
-
SSDEEP
49152:P1opHluallLeIfGpD+ePfGaBbVoJLshVGbdMeaLaf:N2HluaDp7WmeJaf
Score10/10-
AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-