Extracted

• • Target

    61e869da1d5cefe780a706e06b904c276d8393e618de382c3b4abdbb4d817222.exe

  • Size

    46.7MB

  • MD5

    4410dbdf8f12dfbf1f165276c42444fe

  • SHA1

    41636f267072fec4554293c8d6abe148e1e67cc6

  • SHA256

    61e869da1d5cefe780a706e06b904c276d8393e618de382c3b4abdbb4d817222

  • SHA512

    33b4aa2617a3cf96623c66e67fcb22a96ca78df4829773de94ac75ea6749cf85842429e9383b720afa8937594e235c6ea02e81acb833713fa1f90ef18e0505e0

  • SSDEEP

    786432:Nkmk80dcNz5mU7FgDHNM2RXKxN1bfHRz8CGj7IBLbTSR/4ibob+XAkqdvDjhr:Dk5cNUUJgrNPOFfxFGjMBLKLbob+XCdl

  Score

  10^/10

  asyncratrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Async RAT payload

    rat

  • Detects file containing reversed ASEP Autorun registry keys

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  behavioral1behavioral2