Extracted

• • Target

    ac36dbf1479ca89c6cc3571ba9e22bcae360efbe29f49cadb67a7b6e5f619467

  • Size

    2.4MB

  • MD5

    d903ea257e435a91c9000068238f2a73

  • SHA1

    10e9a319ef98cb760ac27316fea7df85a26bcb89

  • SHA256

    ac36dbf1479ca89c6cc3571ba9e22bcae360efbe29f49cadb67a7b6e5f619467

  • SHA512

    cfb0a6bde33d2164d8aab463aa5a5b82de4a5adea7b4d96ca4b8383dc57b3fb3680257c8928a7148b3bfc84e56d03163978b38a56ab53e33227f133b20f185c2

  • SSDEEP

    49152:1ELN3uyprLJAeK7+TBLQEOJ4ieQ1YjJ+wJL6czK4EMdO2GnVQw+e489:1S3z3GtaBLPVQijERce4Eyfw+ed

  Score

  10^/10

  asyncratrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Detects executables attemping to enumerate video devices using WMI

  • Detects executables containing the string DcRatBy

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral1behavioral2