Overview

overview

10

Static

static

10

1YyuQvKv.exe

windows7_x64

10

1YyuQvKv.exe

windows10_x64

10

Analysis

  • max time kernel
    146s
  • max time network
    147s
  • platform
    windows10_x64
  • resource
    win10v20210410
  • submitted
    05-05-2021 02:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1YyuQvKv.exe

  • Size

    45KB

  • MD5

    41115f48907e279dacf12984cc0f4384

  • SHA1

    a36939395b2e94a4ef902286ec1733ec1362e9ef

  • SHA256

    5a07afab2821db456cbe3b3331fa08e36dc050ceb3cfe71fa79c9a6c3e429626

  • SHA512

    b02bcc448ee11d1896270794a3a1a8086c7271756b7c21dc0f09e16cdd687fda42b51dc3f1ab333ee8c9f8cfe6d30169695eb5e5154de4e446158773bd012cf7

Score
10/10
asyncratrat

Malware Config

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

    ratasyncrat
  • Async RAT payload 2 IoCs
    rat
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1YyuQvKv.exe
    "C:\Users\Admin\AppData\Local\Temp\1YyuQvKv.exe"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:4064

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4064-114-0x0000000000810000-0x0000000000811000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4064-116-0x0000000005080000-0x0000000005081000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4064-117-0x0000000005950000-0x0000000005951000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4064-118-0x0000000005EF0000-0x0000000005EF1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4064-119-0x0000000005A60000-0x0000000005A61000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4064-120-0x00000000010F0000-0x00000000010F1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4064-121-0x0000000001070000-0x000000000109B000-memory.dmp
    Filesize

    172KB

    Download
  • memory/4064-122-0x0000000005EB0000-0x0000000005EB1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4064-123-0x00000000068F0000-0x00000000068F1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4064-124-0x00000000068A0000-0x00000000068BB000-memory.dmp
    Filesize

    108KB

    Download
  • memory/4064-125-0x0000000006B50000-0x0000000006B51000-memory.dmp
    Filesize

    4KB

    Download