General
-
Target
Infected.exe
-
Size
49.0MB
-
Sample
240622-lzmsfsshjb
-
MD5
4f9687af54884153ca9cfe8d1180ffdd
-
SHA1
612bf7f549a18caffe5cf94449d0738ed176568c
-
SHA256
4980a376264ef6f74cf13c761bc19804e29996b606ec96e48324d2373f727e0b
-
SHA512
d6edc57948968fb2216cc9029c0b5f1b2c84bd79f44eb78e976b384d8aa8025fffcf1ae348d0f100e7eda8886d1d9d7a4b82d57af19d07c31786b66d24129afb
-
SSDEEP
768:rVOxvgHcs78rcC8A+XimazcBRL5JTk1+T4KSBGHmDbD/ph0oXW9uSMxS+Su+LpqM:gGcsFdSJYUbdh9WFJu+LpqKmY7
Malware Config
Extracted
asyncrat
Default
127.0.0.1:4782
127.0.0.1:47945
19.ip.gl.ply.gg:4782
19.ip.gl.ply.gg:47945
-
delay
1
-
install
true
-
install_file
AVSecurity.exe
-
install_folder
%AppData%
Targets
-
-
Target
Infected.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-