Overview

overview

10

Static

static

10

79c2829462...61.exe

windows7_x64

10

79c2829462...61.exe

windows10_x64

10

Analysis

  • max time kernel
    53s
  • max time network
    149s
  • platform
    windows10_x64
  • resource
    win10v20210410
  • submitted
    10-05-2021 13:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    79c2829462f93369a51e457bd69e1161.exe

  • Size

    45KB

  • MD5

    79c2829462f93369a51e457bd69e1161

  • SHA1

    3f8da577e76a6146b25113d463745c101c3e2199

  • SHA256

    9cf92f5d22c8cd21c4fc2840d9d4d675dcc49f04279eb5caa1d5b880721e3ae0

  • SHA512

    7d072df6b0a615c9303a6ff7afab1e6ecdb748a52497bc40931435dbca1b4a8fec8040290ecfc499626b0ddb5d524470bb0c01be81d402d1b633a385764816a1

Score
10/10
asyncratrat

Malware Config

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

    ratasyncrat
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\79c2829462f93369a51e457bd69e1161.exe
    "C:\Users\Admin\AppData\Local\Temp\79c2829462f93369a51e457bd69e1161.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3724-114-0x0000000000680000-0x0000000000681000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3724-116-0x0000000004F00000-0x0000000004F01000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3724-117-0x0000000005810000-0x0000000005811000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3724-118-0x0000000005DB0000-0x0000000005DB1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3724-119-0x00000000058B0000-0x00000000058B1000-memory.dmp
    Filesize

    4KB

    Download