Extracted

Extracted

• • Target

    Agreements.js

  • Size

    163KB

  • MD5

    cb7541f8671eb6b42ce0a58de6973c9b

  • SHA1

    aebfdd104f8883f35aa9818cc3a9e2248c8d3379

  • SHA256

    a45962b3f4ff99334a43e3fea7ca89bc324ed95c3eb14406ccc1701141147013

  • SHA512

    8a735f9261b829951fc00ade7ad065c3d5fac6387c1344bbd3130793c71dd6d5764f43324dc2f0577941ec422480844520575d496408f2df9c54931c30d1c533

  • SSDEEP

    1536:c8uNnKlC9130ibAHEGlexE7Ea9ERy4rDqm4SzQ6VIYWij5zeDJKg0tW7exmbcAOp:c8WnKM9abHcqUqYzQ6V2id8U

  Score

  10^/10

  executionasyncratdefaultdiscoveryrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Asyncrat family

    asyncrat

  • Blocklisted process makes network request

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Command and Scripting Interpreter: PowerShell

    Using powershell.exe command.

    execution

  • Suspicious use of SetThreadContext

  behavioral1behavioral2