Analysis
-
max time kernel
121s -
max time network
124s -
platform
windows7_x64 -
resource
win7-en-20210920 -
submitted
20-10-2021 05:14
General
-
Target
144bc1cda39a3937907159a6977ea8128965e91956f6bd81d785bbf0ecd61c4b.bin.exe
-
Size
4.8MB
-
MD5
07976cdfa58a6a468bcc4f48f8d31fe9
-
SHA1
935e598a59c40999d35db0048eb49d704207a512
-
SHA256
144bc1cda39a3937907159a6977ea8128965e91956f6bd81d785bbf0ecd61c4b
-
SHA512
286277f7fba78ce00f984ead7f8b40ba50477a6ca8f8b028fff5439efa416ecf200e2ad45b0fda9c15a0f526658e8c3026ecb6128426b7737cf002d9713d6b58
Score
10/10
Malware Config
Signatures
-
AsyncRat
AsyncRAT is designed to remotely monitor and control other computers.
-
Async RAT payload 2 IoCs
-
Suspicious use of SetThreadContext 1 IoCs
-
Suspicious use of WriteProcessMemory 6 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\144bc1cda39a3937907159a6977ea8128965e91956f6bd81d785bbf0ecd61c4b.bin.exe"C:\Users\Admin\AppData\Local\Temp\144bc1cda39a3937907159a6977ea8128965e91956f6bd81d785bbf0ecd61c4b.bin.exe"1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\144bc1cda39a3937907159a6977ea8128965e91956f6bd81d785bbf0ecd61c4b.bin.exe"C:\Users\Admin\AppData\Local\Temp\144bc1cda39a3937907159a6977ea8128965e91956f6bd81d785bbf0ecd61c4b.bin.exe"2⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/836-54-0x0000000000400000-0x0000000000A66000-memory.dmpFilesize
6.4MB
-
memory/836-55-0x0000000000400000-0x0000000000A66000-memory.dmpFilesize
6.4MB
-
memory/836-56-0x0000000000A5B63E-mapping.dmp
-
memory/2024-53-0x0000000075821000-0x0000000075823000-memory.dmpFilesize
8KB