General
-
Target
dotnet.bat
-
Size
62KB
-
Sample
240627-12dpwstdnh
-
MD5
3dfb1c3ff09dc31a4096b821b9ff204b
-
SHA1
8604c300175bf352b7612412c6521064a2514674
-
SHA256
a6a1b599988d0dddc226b2c2a3780426d84fcccb29de54076f3171131b84560b
-
SHA512
895cfb222d6b20b9761188531a3ba45df6f7f799aaf760c14c2de4892947a124c35bcd66e20e98cf62bd4c635c46fc5f8ab6d8c7207a081d98b2b8b31a47e172
-
SSDEEP
1536:nOTyT0nIr49koWVZVCud2f7vXJiEOlVnpw0APKNjO4mdFqQjHQp+XuHdd:OmTGZ0aPIEapexSNjO4mdFqQjHQp+Xun
Static task
static1
Behavioral task
behavioral1
Sample
dotnet.bat
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
dotnet.bat
Resource
win10v2004-20240611-en
Malware Config
Extracted
asyncrat
AsyncRAT
WinExplOMG
stormx.dynu.net:77
winexpomg
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
dotnet.bat
-
Size
62KB
-
MD5
3dfb1c3ff09dc31a4096b821b9ff204b
-
SHA1
8604c300175bf352b7612412c6521064a2514674
-
SHA256
a6a1b599988d0dddc226b2c2a3780426d84fcccb29de54076f3171131b84560b
-
SHA512
895cfb222d6b20b9761188531a3ba45df6f7f799aaf760c14c2de4892947a124c35bcd66e20e98cf62bd4c635c46fc5f8ab6d8c7207a081d98b2b8b31a47e172
-
SSDEEP
1536:nOTyT0nIr49koWVZVCud2f7vXJiEOlVnpw0APKNjO4mdFqQjHQp+XuHdd:OmTGZ0aPIEapexSNjO4mdFqQjHQp+Xun
Score10/10-
Async RAT payload
-
Blocklisted process makes network request
-