Extracted

• • Target

    Client.exe

  • Size

    47KB

  • MD5

    22fbde164ea9b7ff6cb091afdbdc90e6

  • SHA1

    1adf25d75b1d64c3a2d012bec5bdb91c98fb1dca

  • SHA256

    21c55fe4ef392c6fe171e2a79ca13e014260bb12bb5f20ec962771b9d8703a89

  • SHA512

    4e05a549462d9f231aa65c2709c556580230674be68df79c7446715df0aba02e4937a8ed1a1231557ae7d839e3aa08fbac873624b41ce224119ecee6b5602598

  • SSDEEP

    768:L19TQo2oIL4+M0+LiktelDSN+iV08YbygenuQN6vEgK/J/ZVc6KN:L1pQoVsktKDs4zb1FnkJ/ZVclN

  Score

  10^/10

  asyncratdefaultpersistenceprivilege_escalationrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Event Triggered Execution: Component Object Model Hijacking

    Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    persistenceprivilege_escalation

  • Executes dropped EXE

  • Modifies system executable filetype association

    persistence

  • Checks system information in the registry

    System information is often read in order to detect sandboxing environments.

  behavioral1