Extracted

• • Target

    CITACION_DEMANDA_EN_SU_CONTRA_JUZGADO_008_CIVIL_DEL_CIRCUITO.zip

  • Size

    3.0MB

  • MD5

    cc4203598a0e3e44fb86ca1fb75da543

  • SHA1

    f43dec3ae3afc14b1a6a25793c09f21fc4c8cfe0

  • SHA256

    50102af6d6a8471ec27d9525066b693a9260be7d44eda0bbe29a00734350092d

  • SHA512

    30b43598a8f0a5df20d918648763e8e1748283f7d3af23c2016d5850daf1fa3d5179a1aa1a6803038a6605027d5a86061940595807b8a1fa0b884350a38f1e7b

  • SSDEEP

    49152:9Y1IyfHG4qPeXKBRv73O3yhyGNsS4s4yhmxPKkGgZUEggqKUyGqYHgAXwx:OpPG4Ckyv7Vhy4f0yYRZdggtSH1Q

  Score

  10^/10

  asyncratdefaultdiscoverypersistencerat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Executes dropped EXE

  • Loads dropped DLL

  • Modifies system executable filetype association

    persistence

  • Registers COM server for autorun

    persistence

  • Adds Run key to start application

    persistence

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Drops desktop.ini file(s)

  • Checks system information in the registry

    System information is often read in order to detect sandboxing environments.

  • Suspicious use of SetThreadContext

  behavioral1