General
-
Target
935fa2bdf4a8b2b9d71c1e87dfda27ef.bin
-
Size
1015KB
-
Sample
240620-d8c1ls1ejn
-
MD5
b7a33ee846e5a94278cef0c299c26a59
-
SHA1
d71ef9c5386cee4d212b08663b40e3a229e5a2f8
-
SHA256
124174c711a4ccf9cb60a6840d6973f7fd87356e88c434b7b30498b3bb91b3fc
-
SHA512
7b00bcccf9ebaf3f2af67f9c87509383355e09c17ed22e42dbf208f025259c34541d61a237e5694a2876d8e5270edc76545db3bcd31563c8ca16bb951475249f
-
SSDEEP
24576:RrDFV3jeZvW7vKEh9RFzgaSwT3On505WBWmdk:RrDFV3qZ8KoPtSq3O5KWdO
Static task
static1
Behavioral task
behavioral1
Sample
f7d1b2ecb7f47ed1311ed562bd1565f2e849d26e0c076e6ec6125d535bf17c11.exe
Resource
win7-20240611-en
Malware Config
Extracted
asyncrat
Default
127.0.0.1:7771
127.0.0.1:39377
doffuovouvvufoz97964d-39377.portmap.host:7771
doffuovouvvufoz97964d-39377.portmap.host:39377
-
delay
1
-
install
true
-
install_file
lulz.exe
-
install_folder
%AppData%
Targets
-
-
Target
f7d1b2ecb7f47ed1311ed562bd1565f2e849d26e0c076e6ec6125d535bf17c11.exe
-
Size
1.1MB
-
MD5
935fa2bdf4a8b2b9d71c1e87dfda27ef
-
SHA1
468fea59efdd1e52aebd17edd6185d472a311f7e
-
SHA256
f7d1b2ecb7f47ed1311ed562bd1565f2e849d26e0c076e6ec6125d535bf17c11
-
SHA512
74434c0a88589083d9087158ec3fb75921e4715bb61654ef4688fe936d3677a3224451be9140087596c01d1ccc6054064791ad2307a84e7b9bf221b36e0def36
-
SSDEEP
24576:xcvYPuAT6+Feyf8h8zwGhKL8bzh2God0Tae3sHPFMses6n:xZP1VFeyftzdhKLsQdle3svFM
-
Async RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-