A script that can be used to decrypt values from AsyncRAT malware.
- Loads the file into memory via reflection
- Instantiates an object (Client.Algorithm.Aes256) containing the Decrypt method.
- For each encrypted value, invokes the Decrypt method to obtain the plaintext value.
The file used can be be found here.
If run successfully, the script should output something like this.
The script calls these Decrypt methods from the AsyncRAT code.
Which is used to decrypt these values.
