Extracted

• • Target

    3730cde00a18eb51a69cec2c0f7fec25.exe

  • Size

    48KB

  • MD5

    3730cde00a18eb51a69cec2c0f7fec25

  • SHA1

    e1e674276906eeb2edbc3def8d5b29d30e3ea860

  • SHA256

    5a55e8151e99ae52f6fb48e25cdf6d7d2fc6e531b6050a250fc4f53d480aa3ac

  • SHA512

    5ca253deebcd29f4473a79c0a485d6eb8995f51a6831a19e547da57c99fe4bd9ee59a0cf44c3be5635225e7abbaef7f04ed716bbeeaec8e55da7029bb7c4b09b

  • SSDEEP

    768:j5F603LoILkWAt+jipNRipp8YblgyDPhvEgK/JzZVc6KN:j5F6RtpNWzbiWnkJzZVclN

  Score

  10^/10

  asyncratdefaultrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

    ratasyncrat

  • Async RAT payload

    rat

  • Executes dropped EXE

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Legitimate hosting services abused for malware hosting/C2

  behavioral1behavioral2