Extracted

• • Target

    Dependencies.exe

  • Size

    63KB

  • MD5

    97be07e4d8fa640d71aa049385d8bcc2

  • SHA1

    cd21b0a98183abe177ce6b1a857f9b4166100b4d

  • SHA256

    df4e19980ecdf58f0a6562bad1e4929e30e21f4b3633f9f33ad4b86a5406ee31

  • SHA512

    23e6b9ea22b2dead07d5b6baf076afcf747e8ba02df9afbc81ca3011f91035cf6d385c5a9dd5ae63fe6f95010ab928379baf4d55cbb04c4bbdcf246689e52cd4

  • SSDEEP

    768:b2yVjLFj7778BIC8A+XkaazcBRL5JTk1+T4KSBGHmDbD/ph0oX2f2/F5qVKGVxSD:jJ7TPdSJYUbdh9GMMKGOuodpqKmY7

  Score

  10^/10

  asyncratstealeriumdefaultcollectiondiscoveryevasionpersistenceprivilege_escalationratspywarestealertrojan

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Asyncrat family

    asyncrat

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • Stealerium

    An open source info stealer written in C# first seen in May 2022.

    stealerstealerium

  • Stealerium family

    stealerium

  • UAC bypass

    evasiontrojan

  • Async RAT payload

    rat

  • Executes dropped EXE

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Windows security modification

    evasiontrojan

  • Accesses Microsoft Outlook profiles

    collection

  • Checks whether UAC is enabled

    evasiontrojan

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Looks up geolocation information via web service

    Uses a legitimate geolocation service to find the infected system's geolocation info.

  behavioral1