General
Target: download_reversed_11.exe
Size: 63KB
MD5: ea31efc4cf82b98a563d645c011a3eb3
SHA1: 0de87a9bd2783614a2cf8835c7c59c170c5c43a2
SHA256: 334bfa8af53b7c715cacec3449d61b39db809c1db46b1565fa010b4e1d98cd6a
SHA512: 92d8e58fc8342e3d8273b1bd6bbb3efe8e0f94169166541ad6304ebc5c63d4926aa80c41d98ca5c5f08d413e3cd488bd80b5ac9b5e0d484c96237f9389ecf91c
SSDEEP: 1536:XW8mxnrymk6JwvKufUYFzBVaI5bA6PWYCRjPOw6oOrPlTG5x:XWpxrymk66KufUYF+I5bAxl2oOdCx
Malware Config
Extracted
asyncrat
| CRACKED BY https://t.me/xworm_v2
111111111111 jul
wins26junspam.duckdns.org:9003
AsyncMutex_6SIkaPnk
delay: 3
install: false
install_folder: %AppData%
Signatures
Files
download_reversed_11.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ