Overview

overview

10

Static

static

10

Dangerous ...dd.zip

windows7-x64

1

Dangerous ...dd.zip

windows10-2004-x64

1

Dangerous ...nd.exe

windows7-x64

1

Dangerous ...nd.exe

windows10-2004-x64

1

Dangerous ...ox.dll

windows7-x64

1

Dangerous ...ox.dll

windows10-2004-x64

1

Dangerous ...og.rtf

windows7-x64

4

Dangerous ...og.rtf

windows10-2004-x64

1

Dangerous ...nd.exe

windows7-x64

1

Dangerous ...nd.exe

windows10-2004-x64

Dangerous ...ub.exe

windows7-x64

3

Dangerous ...ub.exe

windows10-2004-x64

7

Dangerous ...ub.exe

windows7-x64

1

Dangerous ...ub.exe

windows10-2004-x64

1

Dangerous ...ub.vbs

windows7-x64

1

Dangerous ...ub.vbs

windows10-2004-x64

1

Dangerous ...il.dll

windows7-x64

1

Dangerous ...il.dll

windows10-2004-x64

1

Dangerous ...io.dll

windows7-x64

1

Dangerous ...io.dll

windows10-2004-x64

1

Dangerous ...20.exe

windows7-x64

10

Dangerous ...20.exe

windows10-2004-x64

10

Dangerous ...ad.exe

windows7-x64

Dangerous ...ad.exe

windows10-2004-x64

10

Dangerous ...AN.exe

windows7-x64

1

Dangerous ...AN.exe

windows10-2004-x64

1

Dangerous ...df.exe

windows7-x64

1

Dangerous ...df.exe

windows10-2004-x64

1

Dangerous ...nt.dll

windows7-x64

1

Dangerous ...nt.dll

windows10-2004-x64

1

Dangerous ...nx.dll

windows7-x64

1

Dangerous ...nx.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    1s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231130-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231130-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-12-2023 22:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Dangerous RAT 2020 Crackedd/Plugin/AN.exe

  • Size

    15KB

  • MD5

    d8bd6580617429c127bf1986f02006bf

  • SHA1

    8326e56f7e1a3ae1a923e72ba8723dbc6ee5f4f0

  • SHA256

    aadf0c5019cabefb8b33acb7de63b2d4dbf51a0a47a2550633b9a988675bcd0a

  • SHA512

    2b72502031b771db467a77a12e0c6fe0e620e858364af96a97c13a27903d9e1261e403640856bd64c83ba3d82ad70dd26a1250443df28e8cdde1966357e33e75

  • SSDEEP

    384:Jas/P8/d+yU99rbb09VkwqELjwF2pMT0HWSJ1i:Jau81Y9bbsxJi

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Dangerous RAT 2020 Crackedd\Plugin\AN.exe
    "C:\Users\Admin\AppData\Local\Temp\Dangerous RAT 2020 Crackedd\Plugin\AN.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1148

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1148-2-0x00000000016E0000-0x00000000016F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1148-4-0x00007FF8B9F10000-0x00007FF8BA8B1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/1148-5-0x000000001C920000-0x000000001C9BC000-memory.dmp

    Filesize

    624KB

    Download

  • memory/1148-3-0x000000001C3B0000-0x000000001C87E000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1148-1-0x00007FF8B9F10000-0x00007FF8BA8B1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/1148-0-0x000000001BE30000-0x000000001BED6000-memory.dmp

    Filesize

    664KB

    Download

  • memory/1148-7-0x000000001CA80000-0x000000001CACC000-memory.dmp

    Filesize

    304KB

    Download

  • memory/1148-6-0x00000000016B0000-0x00000000016B8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1148-8-0x00000000016E0000-0x00000000016F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1148-9-0x00000000016E0000-0x00000000016F0000-memory.dmp

    Filesize

    64KB

    Download