Extracted

• • Target

    ddfbc3b32cbe7636e8976d8a4aee4a00_NEIKI

  • Size

    2.2MB

  • MD5

    ddfbc3b32cbe7636e8976d8a4aee4a00

  • SHA1

    baa8bb1168d9ee2e2f57646394cdc0760a61a133

  • SHA256

    7b76d9fb50dc5f83d25b339efe8dc7f66c6d645cc3b14f1e4b8091ef4220ea42

  • SHA512

    76273c96d61588601194f4dd0e2557b05c45a3a6688c8d1014159bc2c6ec590bc809a9f24464e9058d2416725f944d0c412047da9360df21cb1f376eaa1f696e

  • SSDEEP

    49152:ozTmfXYjqGUBL6F7+8Pu/ZF26QreE26pKdzj58oz9InwWlLoZot:IuCqmF7+FSrLadz98U9B

  Score

  10^/10

  asyncratzgratdefaultpersistencerat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Detect ZGRat V1

  • ZGRat

    ZGRat is remote access trojan written in C#.

    ratzgrat

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2