General
-
Target
Report.ps1
-
Size
151KB
-
Sample
240628-kbelhazdje
-
MD5
054618073752ea5823c98130114a3241
-
SHA1
fa0b6774ce03cd7d58d8ae6e35c3af7ab5a31e0a
-
SHA256
bb3f2ff46e9dae66cf62c6e7606a66d02b65abc8dac96e96acd554ebf6fd40ad
-
SHA512
a4f8c512f1a453a0ee106076111ca085d1d584c7cbae9343c253297f637d40114a2c412ead91761be9f8dbbd3f6c092ca47bb3aa7837fe0e5e34d0a959a4ab79
-
SSDEEP
1536:seS5tcblb19Uctb+Kl0yhfes/bapbXEX2SgDQHWGjKdAqNvRKIPQryxWB9C7Dsi+:PSTI9UcZ3n39C7Dsi3br3ApuL4QzC
Static task
static1
Malware Config
Extracted
asyncrat
A9
Default
services-line2.freeddns.org:5500
AsyncMutex_6SI8OkSKO
-
delay
3
-
install
false
-
install_file
ShellExperienceHost.exe
-
install_folder
%AppData%
Targets
-
-
Target
Report.ps1
-
Size
151KB
-
MD5
054618073752ea5823c98130114a3241
-
SHA1
fa0b6774ce03cd7d58d8ae6e35c3af7ab5a31e0a
-
SHA256
bb3f2ff46e9dae66cf62c6e7606a66d02b65abc8dac96e96acd554ebf6fd40ad
-
SHA512
a4f8c512f1a453a0ee106076111ca085d1d584c7cbae9343c253297f637d40114a2c412ead91761be9f8dbbd3f6c092ca47bb3aa7837fe0e5e34d0a959a4ab79
-
SSDEEP
1536:seS5tcblb19Uctb+Kl0yhfes/bapbXEX2SgDQHWGjKdAqNvRKIPQryxWB9C7Dsi+:PSTI9UcZ3n39C7Dsi3br3ApuL4QzC
-
Suspicious use of SetThreadContext
-