Extracted

• • Target

    2d3046668e4316eb38dfa44dd953a486_JaffaCakes118

  • Size

    475KB

  • MD5

    2d3046668e4316eb38dfa44dd953a486

  • SHA1

    deb76018ba4d8c1f700486804c383901923fe80c

  • SHA256

    8013f920a224f6e3af1563d04210866aef0b22c145d827274befc3b4b17cecf8

  • SHA512

    47fb64623c8a3488d5387edc5843a5f193a55d3310a4902bf45dc476f2bfa2473e0b675cc5aaecb90db3e67ca5fdad7d4344d81f38fadd61c5b20ea42a4e5904

  • SSDEEP

    12288:cvwm+4SEmenH6nlLwbJUsz6hGSSt28JYivK+PAsTwChfQ:o+V4an1OWvHi3Is

  Score

  10^/10

  asyncratdefaultrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

  behavioral1behavioral2