Extracted

• • Target

    458fc7f9fc9742b63edefb6a769ebbea643ae79f49f2fcaf4d29c2430ae632f8N

  • Size

    405KB

  • MD5

    2d3305a87b929b8ffd9128cc0531fe70

  • SHA1

    b856528226de4bf73c44ce13a9a2c5d15dd94fb1

  • SHA256

    458fc7f9fc9742b63edefb6a769ebbea643ae79f49f2fcaf4d29c2430ae632f8

  • SHA512

    f2d41da92e21aec2ead7b527b1f25b35fa1fb9086fd2a75938d126f272c7a23bb89b55ab190cd822cba9f4b780ee16d88bbe5f9457241aa73bd423e9d2cb84a8

  • SSDEEP

    6144:8FReki7IuH/8hYvKgT69KepKdAD47lUwscIFAhhGphFd39yoJDi/a2Seal:8FRil/ti3pKd17nsjJj1yoti/qe

  Score

  10^/10

  asyncratdefaultdiscoveryrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Asyncrat family

    asyncrat

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2