Extracted

• • Target

    1590B1512142D6C974828FC11958A9A5FFDB6673A584B.exe

  • Size

    309KB

  • MD5

    f4e3415d68ba7564f1400b74e4d7e22b

  • SHA1

    a4a3b80c28db771c0b15c543daa56a229467fdf3

  • SHA256

    1590b1512142d6c974828fc11958a9a5ffdb6673a584b15fda7f93768f639a54

  • SHA512

    8c1a0d8db17301bdc6e2e3c16f953c1fd69ba76e887c797d64eb952155dc204a11b8f04181207cae7723aebddf638031e96225131a2006d07c43eb0555f207d7

  • SSDEEP

    6144:h8u3J4+CQ6otk3BPuzoqANdyl6/5rLlj/T+/1aoaorg9v4EqP4EXPav0XXXXX3hM:0K1aoaCgR4HP4KPHXXXXX3hXXXXXX3Xs

  Score

  10^/10

  asyncratdefaultrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

    ratasyncrat

  • Async RAT payload

    rat

  • Executes dropped EXE

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL

  behavioral1behavioral2