Overview (overview): 10/10
Static (static): 3/10
03 NOTIFIC......exe (windows7-x64): 10/10
03 NOTIFIC......exe (windows10-2004-x64): 10/10
03 NOTIFIC...ll.dll (windows7-x64): 1/10
03 NOTIFIC...ll.dll (windows10-2004-x64): 1/10
03 NOTIFIC...0u.dll (windows7-x64): 1/10
03 NOTIFIC...0u.dll (windows10-2004-x64): 1/10
03 NOTIFIC...80.dll (windows7-x64): 1/10
03 NOTIFIC...80.dll (windows10-2004-x64): 1/10

General
Target: 03 NOTIFICACION PROCESO FISCAL.REV
Size: 1.2MB
Sample: 231114-z9xx3ahd3s
MD5: 1359abbbd742ef0bc4d4919a36518ac4
SHA1: d1621ed2e97fb165ed13b9498bd60a396858c68d
SHA256: b56ee8c6ddea46fbc5909302712cc75a310db3189ed314b812428b30b488a429
SHA512: a17f78c4af26f78be8a6660bce71b20b292bd8ca6029c3a95ab85cbe3c8fc4d6a92e517118999926f406d4b79c1d83a114fd607a72ea4a422a8d4c03787ebcbd
SSDEEP: 24576:ne0zf2fpZypjFvgHkZgEGZsoVWR3rHKY6vQS2+Obedy90y0PiFikTw4:e0Kyp2HkiESsoVWR3rq7vQ9+Obedy21Q

Static task: static1

Behavioral task: behavioral1
Sample: 03 NOTIFICACION PROCESO FISCAL/03 NOTIFICACION PROCESO FISCAL....exe
Resource: win7-20231025-en

Behavioral task: behavioral2
Sample: 03 NOTIFICACION PROCESO FISCAL/03 NOTIFICACION PROCESO FISCAL....exe
Resource: win10v2004-20231023-en

Behavioral task: behavioral3
Sample: 03 NOTIFICACION PROCESO FISCAL/http_dll.dll
Resource: win7-20231023-en

Behavioral task: behavioral4
Sample: 03 NOTIFICACION PROCESO FISCAL/http_dll.dll
Resource: win10v2004-20231023-en

Behavioral task: behavioral5
Sample: 03 NOTIFICACION PROCESO FISCAL/mfc80u.dll
Resource: win7-20231020-en

Behavioral task: behavioral6
Sample: 03 NOTIFICACION PROCESO FISCAL/mfc80u.dll
Resource: win10v2004-20231025-en

Behavioral task: behavioral7
Sample: 03 NOTIFICACION PROCESO FISCAL/msvcr80.dll
Resource: win7-20231023-en

Behavioral task: behavioral8
Sample: 03 NOTIFICACION PROCESO FISCAL/msvcr80.dll
Resource: win10v2004-20231023-en

Malware Config
Extracted
asyncrat
| CRACKED BY https://t.me/xworm_v2
Clientes
noescorrecto2023.kozow.com:2021
AsyncMutex_6SI8OkPnk
delay: 3
install: false
install_folder: %AppData%

Targets

Target: 03 NOTIFICACION PROCESO FISCAL/03 NOTIFICACION PROCESO FISCAL....exe
Size: 20KB
MD5: 9329ba45c8b97485926a171e34c2abb8
SHA1: 20118bc0432b4e8b3660a4b038b20ca28f721e5c
SHA256: effa6fcb8759375b4089ccf61202a5c63243f4102872e64e3eb0a1bdc2727659
SHA512: 0af06b5495142ba0632a46be0778a7bd3d507e9848b3159436aa504536919abbcacd8b740ef4b591296e86604b49e0642fee2c273a45e44b41a80f91a1d52acc
SSDEEP: 384:Damtvzlx5v02RIDauMTnxOn6sGCYJLW7wycJbi6jc:D7Jv0qpukxO6s6Lhbimc
Async RAT payload
Suspicious use of SetThreadContext

Target: 03 NOTIFICACION PROCESO FISCAL/http_dll.dll
Size: 883KB
MD5: cadf7396c40b8d174575bb15f2482634
SHA1: 0af8c02b178cd7ff57d3c07993dcced4d175078f
SHA256: d2b96401dbc69221398394bead4d14d56b11edfa8d62e9e56e7bbebaad1a9e8a
SHA512: 82f14790c4298dc0c31e79444651e8afe9da21e42860025328524eabd5f7c6eedfffcc4bf99690ea0ff9bcad4e5aa2cd5bf2e411eed534c154cc3bdbe5e98a3c
SSDEEP: 24576:Wzq6uStsPOf+2nVWeqnm5dVjPiV95ayq15:Oq/GbVWCPjyq15
Score: 1/10

Target: 03 NOTIFICACION PROCESO FISCAL/mfc80u.dll
Size: 1.0MB
MD5: 686b224b4987c22b153fbb545fee9657
SHA1: 684ee9f018fbb0bbf6ffa590f3782ba49d5d096c
SHA256: a2ac851f35066c2f13a7452b7a9a3fee05bfb42907ae77a6b85b212a2227fc36
SHA512: 44d65db91ceea351d2b6217eaa27358dbc2ed27c9a83d226b59aecb336a9252b60aec5ce5e646706a2af5631d5ee0f721231ec751e97e47bbbc32d5f40908875
SSDEEP: 12288:wsaHmJ//R12t2PdMvWxMIQ1zoKyK0ivyHCJKjswl/KY6oQy3AmgVk2YDFpR7m81H:KHmJ+tKtxMIQNmCcjswl/KYh/2YFnb
Score: 1/10

Target: 03 NOTIFICACION PROCESO FISCAL/msvcr80.dll
Size: 617KB
MD5: 1169436ee42f860c7db37a4692b38f0e
SHA1: 4ccd15bf2c1b1d541ac883b0f42497e8ced6a5a3
SHA256: 9382aaed2db19cd75a70e38964f06c63f19f63c9dfb5a33b0c2d445bb41b6e46
SHA512: e06064eb95a2ab9c3343672072f5b3f5983fc8ea9e5c92f79e50ba2e259d6d5fa8ed97170dea6d0d032ea6c01e074eefaab850d28965c7522fb7e03d9c65eae0
SSDEEP: 12288:bxzh9hH5RVKTp0G+vjhr46CIw+0yZmGyYCj:bph9hHzVKOpXwymGyYo
Score: 1/10