General

  • Target

    2992-17-0x0000000000400000-0x0000000000412000-memory.dmp

  • Size

    72KB

  • Sample

    240527-ng9klsaf35

  • MD5

    cf59b5a685bc6451a9eff6ab3fc9179e

  • SHA1

    5badb998f8b89487e4c4ad86561b246ed94018e7

  • SHA256

    65d21154ac90f7625f54a1c7091fc8396aa3ba92efb058acd6ee28a27a6dd556

  • SHA512

    18c74488979455d832e0cef6688be3a9acd832445194c330503785a3ddc9ff5d0da409b0c484a870bbd547c9f54948c94468ea0fe751f9081e6f9e770b839276

  • SSDEEP

    768:KefuL/GoWPAGXuye91Vstjb0gxh55qCx77hrN5wYDDGq2tYcFmVc6K:KFGeYlbbxr5txXBLDGqKmVcl

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.6B

C2

185.222.58.40:1978

Mutex

qmwtmuxejofbqhzba

Attributes
  • delay

    5

  • install

    true

  • install_file

    windocv.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      2992-17-0x0000000000400000-0x0000000000412000-memory.dmp

    Score
    1/10
