General
Target: ud.exe
Size: 92KB
MD5: d1a642fe68d3dce539ac16ef9428a408
SHA1: 1406e3574486759a770bf22a4f717cab84deccb5
SHA256: 345025b10e52e71afce7f406633155ca24a676110fa6f9ac5c5b7e04ffeb1c56
SHA512: 472bf23704105949d5fb8730c42e0bd8deb0ce09fad86846cd2ac3d238c594be290c19914cddd73e51a4e6266bdd605a8085a267237a22e2347eb92621ffa9d2
SSDEEP: 1536:mOtmnt0b/d/UNxXnkJ7HPx0ALRMMLjp8rVceVVOXlOrl3/IiWZtE5zg2OnsFxVcD:btmt0b/dcNxkDWM5GVcmOXliPIZ25snd
Malware Config
Extracted
asyncrat
1.0.7
Default
127.0.0.1:6522
127.0.0.1:1337
delay: 1
install: false
install_folder: %AppData%
Signatures
Files
ud.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
Imports
mscoree
_CorExeMain
Sections
.text Size: 43KB - Virtual size: 42KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ