Extracted

• • Target

    MegAi Spoofer.lnk.bin

  • Size

    3KB

  • MD5

    c69266e801806c1f36f8d0143a357fe8

  • SHA1

    08fca5854ad4eb5ebace23786412fbc40245e719

  • SHA256

    e8f5ff2d4746c29e082d612daca7f1b423a5c9303f1de3ee38fa972de7e26493

  • SHA512

    45cd70c58a4ae5cf0c9cb7963972a7bd8c655b3c44fbd5d8aba7d928ee0838f4e87ea69a09c2c31079300faa3f516009e23a9d6fa367f1998837c90ce885b5c4

  Score

  10^/10

  executionasyncratdefaultrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Asyncrat family

    asyncrat

  • Async RAT payload

    rat

  • Blocklisted process makes network request

  • Command and Scripting Interpreter: PowerShell

    Run Powershell and hide display window.

    execution

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  behavioral1behavioral2behavioral3behavioral4