Extracted

• • Target

    bfa3f6f645ef9ae71a47e665200300f035dbf18af1774f57a65ab1de763ef1da

  • Size

    936KB

  • MD5

    9ee64b943c2405d18d892e92b128d573

  • SHA1

    ac5564a6984f111670446d6538e6fc218e7474fd

  • SHA256

    bfa3f6f645ef9ae71a47e665200300f035dbf18af1774f57a65ab1de763ef1da

  • SHA512

    00ded857701d3c8c17250127454daf88767eed8c502a9ad5b10962a346f6e8e84e6db3e5ce0b8823214f9594595459450dc6997f1359f39f6ba2577768ba09fd

  • SSDEEP

    12288:RdRUevOMD2dgRKGopeN4ADqjJ5n4MSGSbAEu9H7kJ1f82fpuIXxV+/ZTo2uRCyri:RzUecgRKdpNjr48

  Score

  10^/10

  asyncratdefaultdiscoveryrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Asyncrat family

    asyncrat

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2