General
Target: e84377f181936074f6b29c1ed84acb4409bb199e4e02b71bf4fb43781f803a28.ps1
Size: 1.9MB
Sample: 241219-eza1bsyngq
MD5: 05ca50471d9f5c01b66e448ea589c149
SHA1: 889ba922194d17cc453bf5a48505a570b9e9b609
SHA256: e84377f181936074f6b29c1ed84acb4409bb199e4e02b71bf4fb43781f803a28
SHA512: cae798186c385752728cf9b63e8eac4672ebc57d3ef3aa83ceeacf9b5e91924fe994047c4c9f0024cee062e6d1fdcba238076beb72478fd7f8621f6aabd7dac9
SSDEEP: 24576:bSgmuyXfET5YN3b2LLG1z/7E4/KpdMJczdsrbIB:biMSNKLq1zjAj
Static task: static1
Behavioral task: behavioral1
Sample: e84377f181936074f6b29c1ed84acb4409bb199e4e02b71bf4fb43781f803a28.ps1
Resource: win7-20241010-en
Malware Config
Extracted
asyncrat
AWS | 3Losh
s2
menitalnewways.webredirect.org:6606
menitalnewways.webredirect.org:7707
menitalnewways.webredirect.org:8808
menitalnewways.webredirect.org:333
winter1
delay: 3
install: false
install_folder: %AppData%
Targets
Target
e84377f181936074f6b29c1ed84acb4409bb199e4e02b71bf4fb43781f803a28.ps1
Asyncrat family
Executes dropped EXE
Suspicious use of SetThreadContext