Analysis

  • max time kernel
    6s
  • max time network
    10s
  • platform
    windows7_x64
  • resource
    win7v20210410
  • submitted
    21-04-2021 18:18

General

  • Target

    EhXUMhhD.exe

  • Size

    45KB

  • MD5

    b9121bf875ef630683f14e1fe20b6bc2

  • SHA1

    4c07b658f5c366fb54bbcb2a8b580d972e8f1f0d

  • SHA256

    568d8b063f549298e638c5c39c5b12a2e379b402224b689cab5504d29bef8e35

  • SHA512

    7affaac4b72cbc542880c764d8c6c99f2b450c53d830583976d42f1f277dd99010bcb8601bf32ffcf27ec8cc884111df891b41b33126c13c853b8de41260e97a

Score
10/10

Malware Config

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\EhXUMhhD.exe
    "C:\Users\Admin\AppData\Local\Temp\EhXUMhhD.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:2040

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2040-59-0x0000000001350000-0x0000000001351000-memory.dmp
    Filesize

    4KB

  • memory/2040-61-0x0000000076281000-0x0000000076283000-memory.dmp
    Filesize

    8KB

  • memory/2040-62-0x00000000006B0000-0x00000000006B1000-memory.dmp
    Filesize

    4KB