Overview

overview

10

Static

static

10

A6Xd4df8.exe

windows7_x64

10

A6Xd4df8.exe

windows10_x64

10

Analysis

  • max time kernel
    23s
  • max time network
    144s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    21-04-2021 15:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    A6Xd4df8.exe

  • Size

    45KB

  • MD5

    bd11ad73da2e73e49424b6401cb32fa4

  • SHA1

    1ba71bab8e6f7d78478709ca9aafee7116c04cdc

  • SHA256

    89c38091fdb1977853e9533b62a68082b65dfa61007bd7d7f9dfaa228646252b

  • SHA512

    a6ad5612ce70c88f4c250d17928e79b8ca576c2de8105caa48bd19316add1a52cbedc0a6f8c162c52fa9fb2d52b42aecc74d99ed9d45c5b1d16497733f8c2c94

Score
10/10
asyncratrat

Malware Config

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

    ratasyncrat
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\A6Xd4df8.exe
    "C:\Users\Admin\AppData\Local\Temp\A6Xd4df8.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3128

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3128-114-0x0000000000370000-0x0000000000371000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3128-116-0x0000000002710000-0x0000000002711000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3128-117-0x0000000005500000-0x0000000005501000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3128-118-0x0000000005AA0000-0x0000000005AA1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3128-119-0x00000000055A0000-0x00000000055A1000-memory.dmp
    Filesize

    4KB

    Download