Behavioral task
behavioral1
Sample
Infected.exe
Resource
win7-20240729-en
General
-
Target
Infected.exe
-
Size
63KB
-
MD5
94bf02bd2695d3600f8ee7a64d69d1f5
-
SHA1
2b8898aa83db48d154205a3361effd6d693e4fa8
-
SHA256
594fba274e35ea62c45899c7d1e2255bc5f3b745429b10e8d2453b59c2a8c27f
-
SHA512
6e4fa49d2ced8e6f37432e25ec21fe827016201db40f902926d68a89e30d0dd2b0f5ca48af1c79da7ce51f3d30d8865397759cf0ac7e4aac318a8c8250c6c7f7
-
SSDEEP
768:fDALAFjT678p4C8A+XeuazcBRL5JTk1+T4KSBGHmDbD/ph0oXIwjfWcSuAdpqKYC:cqTQJdSJYUbdh9IwjfiuAdpqKmY7
Malware Config
Extracted
asyncrat
Default
127.1.0.0:3232
-
delay
1
-
install
true
-
install_file
DocumentPerformanceEvents.exe
-
install_folder
%AppData%
Signatures
Files
-
Infected.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
Imports
mscoree
_CorExeMain
Sections
.text Size: 59KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ