Extracted

• • Target

    c919f26a41610ce0ffe338b710f7ec886a332264b9e904cb6d870cea68c52ddc

  • Size

    6.7MB

  • MD5

    023895789f0f3e300db204bedefae206

  • SHA1

    6d5242724ae417f834070175b2ba6a3115159218

  • SHA256

    c919f26a41610ce0ffe338b710f7ec886a332264b9e904cb6d870cea68c52ddc

  • SHA512

    22836fb3e1df717783818dbcb00df2e66e40feba7f82ade434ed80356b5f825d5adc91fbb8514ffc5b00c2cde5fe553a83f4c0f9b04350f74cb5dd3ad536dd76

  • SSDEEP

    98304:bpTcxdOp2H+n8352zgc3d1F3HWYi6DibJTnNQ4q0GL5IVuL:wOpzn8pOgc3N32z6AnNliWVu

  Score

  10^/10

  asyncratneshtaxmrigdefaultdiscoveryminerpersistenceratspywareupx

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Asyncrat family

    asyncrat

  • Detect Neshta payload

  • Neshta

    Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    persistencespywareneshta

  • Neshta family

    neshta

  • Xmrig family

    xmrig

  • xmrig

    XMRig is a high performance, open source, cross platform CPU/GPU miner.

    minerxmrig

  • Async RAT payload

    rat

  • XMRig Miner payload

    miner

  • Legitimate hosting services abused for malware hosting/C2

  • Power Settings

    powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.

    persistence

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2