Analysis

  • max time kernel
    7s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7v20210410
  • submitted
    21-04-2021 15:48

General

  • Target

    A6Xd4df8.exe

  • Size

    45KB

  • MD5

    bd11ad73da2e73e49424b6401cb32fa4

  • SHA1

    1ba71bab8e6f7d78478709ca9aafee7116c04cdc

  • SHA256

    89c38091fdb1977853e9533b62a68082b65dfa61007bd7d7f9dfaa228646252b

  • SHA512

    a6ad5612ce70c88f4c250d17928e79b8ca576c2de8105caa48bd19316add1a52cbedc0a6f8c162c52fa9fb2d52b42aecc74d99ed9d45c5b1d16497733f8c2c94

Score
10/10

Malware Config

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\A6Xd4df8.exe
    "C:\Users\Admin\AppData\Local\Temp\A6Xd4df8.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:452

Network

MITRE ATT&CK Matrix

Downloads

  • memory/452-60-0x00000000013A0000-0x00000000013A1000-memory.dmp
    Filesize

    4KB

  • memory/452-62-0x00000000753E1000-0x00000000753E3000-memory.dmp
    Filesize

    8KB

  • memory/452-63-0x0000000000D70000-0x0000000000D71000-memory.dmp
    Filesize

    4KB