General
Target: JaffaCakes118_61ffd11a88da5f4046f4586b08ae56c3292ca6a5b5e7e9d8eee53939c402162e
Size: 396KB
Sample: 241224-tsxyvasjbj
MD5: 44b6f28a25fd6efcd3e2621278df55b2
SHA1: 907201facf9b1f3a716217d992876faa9b18047b
SHA256: 61ffd11a88da5f4046f4586b08ae56c3292ca6a5b5e7e9d8eee53939c402162e
SHA512: 07207c78b6031fd87a6732fb9e5c8d76c1f4b4e5ec3613ed9320b45498d8c47e9c826d0c3d21a6d039abab13c27719f0bdccf500eb9cdddebc6c3c092866b8e9
SSDEEP: 12288:8KJuxIbg4qAPuILdyiqo4kKTL2uPZkbzN:7ar1APuIOo+L0zN
Static task: static1
Behavioral task: behavioral1
Sample: Payment Invoice Copy.exe
Resource: win7-20240903-en
Malware Config
Extracted
asyncrat
0.5.7B
Default
23.92.209.138:6606
23.92.209.138:7707
23.92.209.138:8808
AsyncMutex_6SI8OkPnk
delay: 3
install: false
install_folder: %AppData%
Targets
Target: Payment Invoice Copy.exe
Size: 578KB
MD5: e3bbcd9ecd0c7a43d84c42f47877d766
SHA1: d2fea2b4fa4ded44078f641932d8399af76a9370
SHA256: 142615d8e77bb22a168f6f26f374b99b06fa2bc6942627c4170e0983ebdc60ed
SHA512: e3bf21da59e7446c28e28777c4629d9003615e5b5e31b80635b47b6f34220f240875de0340f08dabbefaedccbaf1e792d5ce0e5d51131074cfdf849a38db4e66
SSDEEP: 12288:yk/2L2IW2iN/2iNL3uMLdsiqoGksTLCu5ZkbzUH:yQ2Y1J153uM4oaLGzc
Asyncrat family
Suspicious use of SetThreadContext