Analysis

  • max time kernel
    19s
  • max time network
    112s
  • platform
    windows10_x64
  • resource
    win10v200722
  • submitted
    20-10-2020 09:03

General

  • Target

    H7LMDfMh.exe

  • Size

    45KB

  • MD5

    fb1a0e0ced17a1a7764980f3b26850bb

  • SHA1

    1a48d9a0f538098833cdf083fa48fd93d1970db8

  • SHA256

    708ba499db884070420f378523658870927c31654d03d24cdac303b5d60b0ac4

  • SHA512

    bf619f1051575de76cacd0fd0fe6d1f4d7695d78fbcb1761752eb2b92f848ce2510df9edc53ff809264a4458161bba773603ce51a19ea25264c2cc12bfa34d61

Score
10/10

Malware Config

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\H7LMDfMh.exe
    "C:\Users\Admin\AppData\Local\Temp\H7LMDfMh.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:788

Network

MITRE ATT&CK Matrix

Downloads

  • memory/788-0-0x0000000073310000-0x00000000739FE000-memory.dmp
    Filesize

    6.9MB

  • memory/788-1-0x0000000000C30000-0x0000000000C31000-memory.dmp
    Filesize

    4KB