Extracted

• • Target

    dcb648e233ea213fc93b4f4989a917b1e3b73dab596ae6adc1f6c44c0ab1e43d.exe

  • Size

    715KB

  • MD5

    50aa9353e6328b6ab45717d4c410adde

  • SHA1

    bb1949014c0d3a0930844a93a2bef1775126e23f

  • SHA256

    dcb648e233ea213fc93b4f4989a917b1e3b73dab596ae6adc1f6c44c0ab1e43d

  • SHA512

    592b24bb3b07218adfe73f33bc7ccf377ee22934ca63a4f79e956823eabfb287d643120fe6aa4071466453d429883348350b3fdee85cfc43a9b1df110cd66281

  • SSDEEP

    12288:TrB7dEl+et7UwYhQqwoiuIFSP7loB90pIJzubJ2QZWYxrRjsWSA97MqLS:TrB7dE8HgFIP7+9ci7f9Ee

  Score

  10^/10

  asyncratzgratcafepersistencerat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Detect ZGRat V1

  • ZGRat

    ZGRat is remote access trojan written in C#.

    ratzgrat

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2