Kahfi, Juan Haniful
Unknown Affiliation

Articles


Analysis of the Archer.exe Malware to Identify Potential Threats to the Operating System Using the Hybrid Analysis Method
Kahfi, Juan Haniful; Siregar, Johannes Hamonangan
JSAI (Journal Scientific and Applied Informatics) Vol 8 No 2 (2025): June
Publisher : Fakultas Teknik Universitas Muhammadiyah Bengkulu

DOI: 10.36085/jsai.v8i2.8269

Abstract

Cybersecurity has become a primary concern in the digital era, particularly regarding malware attacks targeting the Windows operating system. This study aims to analyze a Remote Access Trojan (RAT)-type malware named archer.exe, obtained from the Any.run platform. The method used is hybrid analysis, a combination of static analysis and dynamic analysis, to provide a comprehensive understanding of the malware's structure and behavior. Static analysis results show that archer.exe is a Portable Executable (PE) file with a size of 829.35 KB and employs packing techniques to conceal its payload. Meanwhile, dynamic analysis reveals that the malware modifies system registry keys, spawns child processes such as rundll32.exe and cmd.exe, and establishes a network connection to a Command and Control (C2) server at IP address 192.169.69.26 via the domain dominoduck2101.duckdns.org. These findings indicate that archer.exe poses a high risk of remote system access, data theft, and malicious background activity without user awareness. This study demonstrates that the hybrid analysis method is effective in identifying hidden threats and malicious behavior of RAT-type malware on Windows 10 systems.