Extracted

• • Target

    RequstHunter.v1.exe

  • Size

    273KB

  • MD5

    fc79bd5c3f70526b11f3fd1cb0db10cc

  • SHA1

    a513aa52c892655d542884d97e02af80027ff243

  • SHA256

    86e2aaf2ebbf947ac0e9cdf178cd27be6e84e8dfded476e4e6453b0c8f570290

  • SHA512

    f262abe9d968a6b87f27dc92962477bd7801f929790aa254d082bd3a48c623ad7ca6edc598218df79ab56e482feb9c88b1f9ad792c214b9135580f36938e36f0

  • SSDEEP

    6144:k9RBOBIIj6HLLYLCYJqvc1DOfRfGYb/FHbyeZP8vodSnbCWDuba9:afR+YbtdP8cuuba9

  Score

  10^/10

  asyncratneshtastormkittydefaultdiscoverypersistenceratspywarestealer

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Asyncrat family

    asyncrat

  • Detect Neshta payload

  • Neshta

    Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    persistencespywareneshta

  • Neshta family

    neshta

  • StormKitty

    StormKitty is an open source info stealer written in C#.

    stealerstormkitty

  • StormKitty payload

  • Stormkitty family

    stormkitty

  • Async RAT payload

    rat

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Modifies system executable filetype association

    persistence

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops desktop.ini file(s)

  behavioral1