General

  • Target

    2.exe

  • Size

    62KB

  • Sample

    230222-jqlgxscb5w

  • MD5

    9877364c52f76487181d5da76adfd121

  • SHA1

    4580eaf814a1a738132438abf62f9c186ec6ab03

  • SHA256

    fe9b163fd9645a16adea5f4655be3d072e5459e753f52c3d292637f5d41062c9

  • SHA512

    8dab60b02fc7f3c6caba24b6425e5377d5fbb6d2963a8dff470a59e12cea81ae31503ec3b40fb41e71d3a1f585429fe3bd310e9028decdd3507503f18b0cba19

  • SSDEEP

    1536:NTnFkQMcYNVT5O8qVpieVLHAb9oLig7824Ykmvrq70x:NTnFkQMcYjT5ONVpieVLHAbyLiG3vrqS

Malware Config

Extracted

  • Family

    asyncrat

  • Version

    | Edit 3LOSH RAT

  • Botnet

    new 3alosh

  • C2

    new2023.ddnsfree.com:555

    new2023.ddnsfree.com:5555

    new2023.ddnsfree.com:222

    new2023.ddnsfree.com:2222

  • Mutex

    AsyncMutex_6SI8OkPnk893

Attributes

  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

    • XenArmor Suite

      XenArmor is a suite of password recovery tools for various applications.

    • Async RAT payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with ACProtect software.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Accesses Microsoft Outlook accounts

MITRE ATT&CK Enterprise v6

Tasks