Extracted

• • Target

    ec6bc12cc93f848b344fd0d9fce037178904fb98a66ced81dcc9ffb2a1e83ba7.exe

  • Size

    405KB

  • MD5

    c03047a965d5cc81d1500f5c622aa015

  • SHA1

    146c251cc7e95cc077968adb2fa2f0609c2c2bbd

  • SHA256

    ec6bc12cc93f848b344fd0d9fce037178904fb98a66ced81dcc9ffb2a1e83ba7

  • SHA512

    49f8e1ca0df995a0d34b7387240ec9f25b31c30d09b162c82320c86890fd872eb5897877376d2f192c83321e9ffd8848a90c93efdf92a817b428ada464c81bae

  • SSDEEP

    6144:8FReki7IuH/8hYvKgT69KepKdAD47lUwscIFAhhGphFd39yoJDi/a2SealG:8FRil/ti3pKd17nsjJj1yoti/qeR

  Score

  10^/10

  asyncratdefaultdiscoveryrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Asyncrat family

    asyncrat

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2