Extracted

• • Target

    Round Trip Itinerary details.vbs

  • Size

    78KB

  • MD5

    ab631b79a8f6cc0f48e17765c33c8fee

  • SHA1

    539298c574b25b70379fccd8c47c3dbee5184877

  • SHA256

    f24da1d458f078adf96dca79955313eea5cfe7a6a36334b1352553a31928cec6

  • SHA512

    0e5818d2c4eca342c7b8ece7c8f14028e34d00e2c83f0d3c72ceaeb0380fc568ceb02df8e5743b9a691d85cc462863bceb68ccb1cf499994fe0e523debe6e550

  • SSDEEP

    1536:rtYq5Mv5eaBf+kvAQKCidRC0Xe6Tw/LP5KU52t+gN4:lmRea3vAWGOyZsu4

  Score

  10^/10

  executionasyncratdefaultrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Asyncrat family

    asyncrat

  • Async RAT payload

    rat

  • Blocklisted process makes network request

  • Command and Scripting Interpreter: PowerShell

    Run Powershell and hide display window.

    execution

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2