Analysis

  • max time kernel
    16s
  • max time network
    110s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    21-04-2021 18:18

General

  • Target

    EhXUMhhD.exe

  • Size

    45KB

  • MD5

    b9121bf875ef630683f14e1fe20b6bc2

  • SHA1

    4c07b658f5c366fb54bbcb2a8b580d972e8f1f0d

  • SHA256

    568d8b063f549298e638c5c39c5b12a2e379b402224b689cab5504d29bef8e35

  • SHA512

    7affaac4b72cbc542880c764d8c6c99f2b450c53d830583976d42f1f277dd99010bcb8601bf32ffcf27ec8cc884111df891b41b33126c13c853b8de41260e97a

Score
10/10

Malware Config

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

  • Suspicious use of AdjustPrivilegeToken (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\EhXUMhhD.exe
    "C:\Users\Admin\AppData\Local\Temp\EhXUMhhD.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:640

Network

MITRE ATT&CK Matrix

Downloads

  • memory/640-114-0x0000000000380000-0x0000000000381000-memory.dmp
    Filesize

    4KB

  • memory/640-116-0x0000000004BC0000-0x0000000004BC1000-memory.dmp
    Filesize

    4KB