General
Target: JaffaCakes118_b34617687a2b3b28e571390e329c77fc0d31957e4d85866b518f7881436d7fa3
Size: 99KB
Sample: 241224-njh6fawmby
MD5: 41000a58d7dc98548645131cb16db34e
SHA1: 9e9d1b26b192e8c1d783f4c190dd52dccff91ba6
SHA256: b34617687a2b3b28e571390e329c77fc0d31957e4d85866b518f7881436d7fa3
SHA512: df9e4bdc850e438242a8ca76b8e79ef971fc8fc959dad1c9ccbcaca878f072b44d4351f65cc04c202575cd76127af5b5ea375f0b7dd82ba9f6fdbab7e008590a
SSDEEP: 1536:XhjBsioyjkiQzkrhxwWtnZ+li9lMNJ7XFoh0g9l/2zpbgTvaCXbOSIutLq:d1lwiyenZH9mNkh04iCXba
Static task: static1
Behavioral task: behavioral1
Sample: DOC_20221012_094045716/DOC_20221012_094045716.scr
Resource: win7-20241023-en
Malware Config
Extracted
asyncrat
0.5.7B
Oct 11
donzola.duckdns.org:2000
AsyncMutex_6SI8OkPnk
delay: 3
install: false
install_folder: %AppData%
Targets
Target: DOC_20221012_094045716/DOC_20221012_094045716.scr
Size: 406.0MB
MD5: e95cc5f4f2be88cdd778ddb951e287e4
SHA1: 478fca06aeb68ab97d2e99c1436b4cc3370ec6d9
SHA256: e5b25e4f90530ff9fad1f617d8347f497a8bdba07e707f522564132a5bfab0b5
SHA512: 23f420f9e904ab6b2d8954ef2232cd8b84560c8f856bc83e74d8eb17228def2dc6be09db8aa7f8a67d5914be2e2e228cd483d818602a79397f96c709c5e5c49a
SSDEEP: 3072:M+rR+Y6VgvQdJK0vtNZg/V7S+O+dvvAun:M+BFI3vtNZNH+dv
Asyncrat family
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext