Analysis
-
max time kernel
359s -
max time network
602s -
platform
windows7_x64 -
resource
win7-en-20211208 -
submitted
27-01-2022 00:07
Behavioral task
behavioral1
Sample
ASyncClient.exe
Resource
win7-en-20211208
windows7_x64
0 signatures
0 seconds
General
-
Target
ASyncClient.exe
-
Size
47KB
-
MD5
a55e7fac7220b4c104731b3c5bc1c3d0
-
SHA1
9bfd7a6eff366cf1aa32d170082c988cb563eb13
-
SHA256
fbe40109ce79c04cd5b3e60bdf8fe625aaf66d56ca2d41be88597f9033ae22e7
-
SHA512
779657acd0684933b51d06d03fb459e79049f6655b5da76a12b01dfcd9f4e10687aa515017559c708d5fc5221a29b377b263c8db986c39a88137df4a40d34f27
Malware Config
Signatures
-
Async RAT payload 1 IoCs
Processes:
resource yara_rule behavioral1/memory/1680-54-0x00000000001F0000-0x0000000000202000-memory.dmp asyncrat -
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
ASyncClient.exedescription pid process Token: SeDebugPrivilege 1680 ASyncClient.exe