Extracted

Extracted

• • Target

    Sat.bat

  • Size

    2KB

  • MD5

    0e2fff554ddadc58aaff7978ec06aa32

  • SHA1

    b453b17905235ea96150c90711285f7879d3afc0

  • SHA256

    64c79060f8478363e93ae210e0bd7ba9178fecdd1a0badba4fed5382180d3a80

  • SHA512

    c54cc4c956dc733835d0d40d49377b23b8b63bfa118e0e9ed5bba18e2b2b5f4a33656cd5b75230cd7dec05a98a3bc4b84b429121cffe3644fff72fc628b83b76

  Score

  10^/10

  executionasyncratdefaultdiscoveryratspywarestealer

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Asyncrat family

    asyncrat

  • Blocklisted process makes network request

  • Executes dropped EXE

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Command and Scripting Interpreter: PowerShell

    Start PowerShell.

    execution

  • Suspicious use of SetThreadContext

  behavioral1behavioral2