Analysis

  • max time kernel
    21s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7v20210408
  • submitted
    05-05-2021 02:48

General

  • Target

    1YyuQvKv.exe

  • Size

    45KB

  • MD5

    41115f48907e279dacf12984cc0f4384

  • SHA1

    a36939395b2e94a4ef902286ec1733ec1362e9ef

  • SHA256

    5a07afab2821db456cbe3b3331fa08e36dc050ceb3cfe71fa79c9a6c3e429626

  • SHA512

    b02bcc448ee11d1896270794a3a1a8086c7271756b7c21dc0f09e16cdd687fda42b51dc3f1ab333ee8c9f8cfe6d30169695eb5e5154de4e446158773bd012cf7

Score
10/10

Malware Config

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1YyuQvKv.exe
    "C:\Users\Admin\AppData\Local\Temp\1YyuQvKv.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:1684

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1684-60-0x0000000001090000-0x0000000001091000-memory.dmp
    Filesize

    4KB

  • memory/1684-62-0x0000000075B31000-0x0000000075B33000-memory.dmp
    Filesize

    8KB

  • memory/1684-63-0x0000000000AD0000-0x0000000000AD1000-memory.dmp
    Filesize

    4KB