Analysis

  • max time kernel
    628s
  • max time network
    648s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
  • submitted
    05-12-2022 23:25

General

  • Target

    ahc.exe

  • Size

    33KB

  • MD5

    18937aa4c1deb9ce9786ae6961935672

  • SHA1

    707c6f27556695f308e38a3765c06a5a298a96e0

  • SHA256

    fcc7c7e6bdc2db681c9e4d37fcdf0fd19c14b3265d2df9e75d7927d2b7bc8661

  • SHA512

    4084bb4dbf70e48d5274afe0d09e7d2d3c949a9b784330718be0326c6a7b7b4ba22fcf1bd184a32f61aa6bdd0ac649a9a7b756c8562cbfe008705e903968b311

  • SSDEEP

    384:uBwkWUQyUxmt2FdBVVc3j4k+hoPVvEicl3jl+LnOoVaDhbJgk36Obape4q8Zw3E9:cntgjVc3IhoN03IOoV+RXaAJB6SHSF

Score
10/10

Malware Config

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ahc.exe
    "C:\Users\Admin\AppData\Local\Temp\ahc.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:1832

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1832-54-0x000000013F690000-0x000000013F69C000-memory.dmp
    Filesize

    48KB