Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

skikda.exe

windows7-x64

10

skikda.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    144s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    04/12/2024, 12:30 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    skikda.exe

  • Size

    256KB

  • MD5

    6c366d318dca314f30309b648776cee9

  • SHA1

    e2cfbf16cf16ecda3297b71d9622b45daf52660a

  • SHA256

    1c5db3ae8ccc55502a6f27661de3d86ff5c48eb1b7ab97448efd6c3eaad1bc36

  • SHA512

    5eb743fad92f2dbfc3ef1a0a84d411e13d72f590fe87cdc0f588a595f95f063720d6d2d3a6b43d2a38a5e0f759a1e296c35dc9a235361f08c0051b96fe78707b

  • SSDEEP

    3072:uZ17XdQHAaG/W/acL8Uo2ZauJny4pW6KvcmzWRK9Wvmt/QetG/fU5h/QZ4d2BH4X:mXdFcL8rDI4KTRArG32/K4d8H4BEcWm

Score
10/10
asyncratdefaultrat

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808
Mutex

MSF

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain
1
FE4ARI35PwpCPxFTFwBbIwOk8sWNurgE

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat
  • Asyncrat family
    asyncrat
  • Async RAT payload 1 IoCs
    rat
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\skikda.exe
    "C:\Users\Admin\AppData\Local\Temp\skikda.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1904

Network

    No results found
  • 127.0.0.1:6606
    skikda.exe
  • 127.0.0.1:7707
    skikda.exe
  • 127.0.0.1:7707
    skikda.exe
  • 127.0.0.1:8808
    skikda.exe
  • 127.0.0.1:8808
    skikda.exe
  • 127.0.0.1:6606
    skikda.exe
  • 127.0.0.1:8808
    skikda.exe
  • 127.0.0.1:6606
    skikda.exe
  • 127.0.0.1:6606
    skikda.exe
  • 127.0.0.1:8808
    skikda.exe
  • 127.0.0.1:6606
    skikda.exe
  • 127.0.0.1:7707
    skikda.exe
  • 127.0.0.1:6606
    skikda.exe
  • 127.0.0.1:7707
    skikda.exe
  • 127.0.0.1:8808
    skikda.exe
  • 127.0.0.1:7707
    skikda.exe
  • 127.0.0.1:6606
    skikda.exe
  • 127.0.0.1:8808
    skikda.exe
  • 127.0.0.1:8808
    skikda.exe
  • 127.0.0.1:6606
    skikda.exe
  • 127.0.0.1:8808
    skikda.exe
  • 127.0.0.1:8808
    skikda.exe
  • 127.0.0.1:6606
    skikda.exe
  • 127.0.0.1:6606
    skikda.exe
No results found

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1904-0-0x000007FEF5173000-0x000007FEF5174000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1904-1-0x000000013F8F0000-0x000000013F934000-memory.dmp

    Filesize

    272KB

    Download

  • memory/1904-3-0x000007FEF5170000-0x000007FEF5B5C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/1904-5-0x000007FEF5170000-0x000007FEF5B5C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/1904-4-0x000007FEF5170000-0x000007FEF5B5C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/1904-6-0x00000000020D0000-0x00000000020E6000-memory.dmp

    Filesize

    88KB

    Download

  • memory/1904-7-0x000007FEF5170000-0x000007FEF5B5C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/1904-8-0x000007FEF5170000-0x000007FEF5B5C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/1904-9-0x000007FEF5170000-0x000007FEF5B5C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/1904-10-0x000007FEF5173000-0x000007FEF5174000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1904-11-0x000007FEF5170000-0x000007FEF5B5C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/1904-12-0x000007FEF5170000-0x000007FEF5B5C000-memory.dmp

    Filesize

    9.9MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.