General
-
Target
2f9e7eff2a3dc88b9db2382875b0d3ad4241ac09e97e8d1d779a533a8fc1d8d1
-
Size
63KB
-
Sample
240712-hzzkgawame
-
MD5
1644c4839846a1b6524e38071528a564
-
SHA1
2250bbb322087bf0ba0a26a83b0e11ce5da6733d
-
SHA256
2f9e7eff2a3dc88b9db2382875b0d3ad4241ac09e97e8d1d779a533a8fc1d8d1
-
SHA512
06c28e8198d75aa5df58d678ae6145e388c5ee41f9f06b5de89e06fd821c91d5b4ef5cf3305493697eb870f0f9ab41b1e4b4de50301d0c3cf6a471de0c04eb98
-
SSDEEP
1536:VYQj1F212+iqsUbDh9xrsGu1SdpqKmY7:KKM1DhsUbD9HGz
Behavioral task
behavioral1
Sample
2f9e7eff2a3dc88b9db2382875b0d3ad4241ac09e97e8d1d779a533a8fc1d8d1.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
asyncrat
Default
45.139.198.242:6606
-
delay
1
-
install
true
-
install_file
MicrosoftServices.exe
-
install_folder
%AppData%
Targets
-
Async RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-