General
-
Target
178312f109fe57b02dfb81ca88e3016204480e72a902e7867cb5e160082cf7a5.exe
-
Size
116KB
-
Sample
240619-bhafpavfjr
-
MD5
1343a927e6778744d23342667ec88efd
-
SHA1
aa04a0ede10327949a8d85297df0f73403230b97
-
SHA256
178312f109fe57b02dfb81ca88e3016204480e72a902e7867cb5e160082cf7a5
-
SHA512
b956cff941ad3e594b5b5568fbefb4b190caf8fae6c827a0a31460c5d2b26440ddcf03252fa03c78eb4e18ebdfb688422c2d1dcea2100c3f829ec7e0afe9c2ba
-
SSDEEP
1536:p0VAGN3q2sHYUrRjX1X5obFEVmzraSO/JaMuHq29KjtVB:WaGNa2s7rRD5ebImzrK/Ja/b9WtVB
Static task
static1
Behavioral task
behavioral1
Sample
178312f109fe57b02dfb81ca88e3016204480e72a902e7867cb5e160082cf7a5.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
178312f109fe57b02dfb81ca88e3016204480e72a902e7867cb5e160082cf7a5.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
asyncrat
Default
127.0.0.1:7771
127.0.0.1:39377
doffuovouvvufoz97964d-39377.portmap.host:7771
doffuovouvvufoz97964d-39377.portmap.host:39377
-
delay
1
-
install
true
-
install_file
lulz.exe
-
install_folder
%AppData%
Targets
-
-
Target
178312f109fe57b02dfb81ca88e3016204480e72a902e7867cb5e160082cf7a5.exe
-
Detects executables attempting to enumerate video devices using WMI
-
Detects executables containing the string DcRatBy
-
Suspicious use of SetThreadContext
-