Extracted

• • Target

    PandorahVNC.exe

  • Size

    121.7MB

  • MD5

    7e0c8dba7497c6c4239531073a04628e

  • SHA1

    d82c10b1ed2527f971b2c63e75c15a6b746119b0

  • SHA256

    100dc0db633b1dea1a0c5012f2364ff0d201ff203de1ea3820f432fc51751652

  • SHA512

    e8e79732885f4f38c15fe1e78e740b0678de64c5b8875f590678eca8229190ab84be04724f934037a8837238431c1c0b5809eebdc5e0ee8eb610be012996b722

  • SSDEEP

    3145728:Rlhah9cOLbrHMevdE5x89uYrM0cqgW05zaWPP:p09cOnrBdE5x50ce0

  Score

  10^/10

  arrowratclientrat

  • ArrowRat

    Remote access tool with various capabilities first seen in late 2021.

    ratarrowrat

  • Downloads MZ/PE file

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1