Extracted

Extracted

Extracted

• • Target

    rattesting.exe

  • Size

    309KB

  • MD5

    6940553fce65b288660a664eb039ffe2

  • SHA1

    8687dc9a6dc0f4b65035bcc76a5e6785eedf66e1

  • SHA256

    d4bc343f7ecdf7008db9c9c71b1d8e275051f24c3dc64b1353a32fcd0e92782f

  • SHA512

    044430fecd45f6119bf06c1ad4a3e7cd02464f579bd901ee883f12c05429812d0181b2fdf918db8a2f0070f7ccec184de0b11ba139a138a48bc45f3508041dc4

  • SSDEEP

    6144:z8JsLcpjzTDDmHayakLkrb4NSarQW82X+t40X9U:IzxzTDWikLSb4NS7t2X+t40X9U

  Score

  10^/10

  executionasyncratdefaultrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Async RAT payload

    rat

  • Blocklisted process makes network request

  • Downloads MZ/PE file

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  behavioral1behavioral2