General
-
Target
xxx.ps1
-
Size
2.0MB
-
Sample
241218-lcvvjstrfr
-
MD5
4e71954ab5a47de9f74938dc0cd3c84f
-
SHA1
781b4cffead59d083d301c7eec7d55250b5a4317
-
SHA256
3b8fc9046c06420b3382cf851595370e4bb75ad0330c44515ad6bedb286dbfc7
-
SHA512
3a44a383686308352a5499d21a30317c61ea8caa81145001af22f5de536a2f3e73da43fafca53696be3923e86bb8780e5b503c3e5f379c1407362fca3909cd80
-
SSDEEP
24576:bSgmuyXfET5YN3b2LLG1z/7E4/KpdMJczdsrbIm:biMSNKLq1zjAU
Static task
static1
Behavioral task
behavioral1
Sample
xxx.ps1
Resource
win7-20240729-en
Malware Config
Extracted
asyncrat
A 12
MuGz_New
sasaa.kozow.com:6606
AsyncMutex_fsasaa.kozow.com
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
Target
xxx.ps1
-
Asyncrat family
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-