Overview

overview

10

Static

static

3

1117a178d3...ff.exe

windows7-x64

10

1117a178d3...ff.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 06:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1117a178d3b5707e66970a1cc4ca7dff.exe

  • Size

    267KB

  • MD5

    1117a178d3b5707e66970a1cc4ca7dff

  • SHA1

    55424036d4fbe2d839c8948750ff1e993291f925

  • SHA256

    7145daaadb17fe1edb602ab605a4c9def13ab42b5ead0bf114d7b9edfc387a34

  • SHA512

    59f6fa0809219a228bf5acd9b3e9574ab1d64914d874085accff505214dab70cf073c46cd409804b180638ec93eaaac307c6700ce128a2d50414f228e1ba0846

  • SSDEEP

    6144:WDKW1Lgbdl0TBBvjc/jqaYfgoEv4eCHI66gGJRLHgpy+P:Qh1Lk70TnvjcbqaYXI66gGJ90nP

Score
10/10
asyncratrat

Malware Config

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1117a178d3b5707e66970a1cc4ca7dff.exe
    "C:\Users\Admin\AppData\Local\Temp\1117a178d3b5707e66970a1cc4ca7dff.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2480

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2480-0-0x00000000745E0000-0x0000000074CCE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2480-1-0x00000000048D0000-0x0000000004910000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2480-2-0x0000000001F30000-0x0000000001F68000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2480-3-0x00000000048D0000-0x0000000004910000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2480-4-0x00000000048D0000-0x0000000004910000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2480-5-0x00000000020A0000-0x00000000020D6000-memory.dmp

    Filesize

    216KB

    Download

  • memory/2480-6-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-17-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-25-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-31-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-35-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-41-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-45-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-49-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-51-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-57-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-69-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-67-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-65-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-63-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-61-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-59-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-55-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-53-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-47-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-262-0x00000000048D0000-0x0000000004910000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2480-263-0x0000000001F70000-0x0000000001F71000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2480-43-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-39-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-37-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-33-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-29-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-27-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-23-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-21-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-19-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-15-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-13-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-11-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-9-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-7-0x00000000020A0000-0x00000000020D0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2480-264-0x00000000745E0000-0x0000000074CCE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2480-265-0x00000000048D0000-0x0000000004910000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2480-266-0x00000000048D0000-0x0000000004910000-memory.dmp

    Filesize

    256KB

    Download