Overview

overview

10

Static

static

10

7466F1F366...E7.exe

windows7_x64

10

7466F1F366...E7.exe

windows10_x64

10

Analysis

  • max time kernel
    15s
  • max time network
    148s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    18-04-2021 05:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7466F1F366B6B1A579B102B5AAD68EE7.exe

  • Size

    307KB

  • MD5

    7466f1f366b6b1a579b102b5aad68ee7

  • SHA1

    214d2d0fc1b4d879cd099acf2f898346404988f3

  • SHA256

    fd31332fe456fceccc18d789f43c520a589e731b20b69169f7177604dcdc355e

  • SHA512

    4bd15a94abc56613fcbf168e03a1b23d77b11f2a0eff415626a9594e66ff687c6b569d45e31fd01b6f3b6935b186752fa1cc8bfd3511cee899f68e25d0d3a1f9

Score
10/10
asyncratrat

Malware Config

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

    ratasyncrat
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7466F1F366B6B1A579B102B5AAD68EE7.exe
    "C:\Users\Admin\AppData\Local\Temp\7466F1F366B6B1A579B102B5AAD68EE7.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:808

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/808-114-0x0000000000490000-0x0000000000491000-memory.dmp
    Filesize

    4KB

    Download
  • memory/808-116-0x0000000004DC0000-0x0000000004DC1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/808-117-0x0000000005560000-0x0000000005561000-memory.dmp
    Filesize

    4KB

    Download
  • memory/808-118-0x0000000005B00000-0x0000000005B01000-memory.dmp
    Filesize

    4KB

    Download
  • memory/808-119-0x0000000005600000-0x0000000005601000-memory.dmp
    Filesize

    4KB

    Download