Extracted

• • Target

    3e0590e42affae14f003fe2686abb8bd9be6e2fb48f7160779d0dc0c03cdfeee.cmd

  • Size

    72KB

  • MD5

    4bfe57ca78dd1ac468e92a2307783552

  • SHA1

    73966e6a19ba6f1ea47002ddcbc42d5ac6434b22

  • SHA256

    3e0590e42affae14f003fe2686abb8bd9be6e2fb48f7160779d0dc0c03cdfeee

  • SHA512

    21a0071708eaeead1ebf0cb96ab39955b6ced797c0b9e25005c5c8ae4659f2ef842de42572f15fa02eb91df82eb5ba82b1b0d06d09d908d835f039f23fca4572

  • SSDEEP

    1536:W4s6PYSYp0q0tIlQ2baGAIbsIpcEj/Bi81w2yfmfV2fymv:46PHY2glQ2nAIQUcY91Fj2fyi

  Score

  10^/10

  executionasyncratdefaultrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Async RAT payload

    rat

  • Detects executables packed with ConfuserEx Mod

  • Detects file containing reversed ASEP Autorun registry keys

  • Blocklisted process makes network request

  • Command and Scripting Interpreter: PowerShell

    Run Powershell and hide display window.

    execution
  behavioral1behavioral2