Extracted

• • Target

    Client420.exe

  • Size

    63KB

  • MD5

    1c5040bed50feb67c4ff7eae2e5195f8

  • SHA1

    219e43c45aa592d4e3e22f3705f8b7ef43ba8c5b

  • SHA256

    ec5838935b578b6bd408e62bb2b70a33d3ecdc9bcc0697bfb23ff361191d5676

  • SHA512

    c63bfd98a6c4788861435bad33002096078e9028e97e77c81da629a213cb4f47aa9725c1ad0ee35faf1a93cf9bf25896ef74a2d01962cf097483d6234a87d12a

  • SSDEEP

    1536:2hQzHh1AkR7IWLvAOjnBTW4w2gFvN9Gbb7wvCcIybsG3QpqKmY7:2hQzHh1AkR7XvAOjnBzbuvnGbb75yHLz

  Score

  10^/10

  asyncrat1rat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Async RAT payload

    rat

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  behavioral1behavioral2