General

  • Target

    PROCESO JURIDICO DOC (1).rev

  • Size

    1.2MB

  • Sample

    231116-dl5r4sfc76

  • MD5

    69b2808f0f2ee355e2e09ab5e88d45f6

  • SHA1

    a7e80c5dac318d4d91635262d28cf56aab459f32

  • SHA256

    70e66269fdda2a652f36ab5f210fca880072caeb0351511526f830bea0ea4da7

  • SHA512

    4d2fab711f79dc0abbb8becbf0fc3280205092b5db540dd4ffbfce57f4993e3647bd204d338c10a9d4c7a8f0c2bdbb800d789ac51dbcaa56f9b046b849093c22

  • SSDEEP

    24576:GFS6iLzFA9HEcqqjnQmSGAcJQbKlg5bal+KNzXVhKzfSVbadnmFeVvUXLv:olim9HEKngncJQbKrMMFSfYbAYeVvsv

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

TRACKMONEY

C2

trackmoney.dynuddns.net:5959

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      PROCESO JURIDICO DOC (1).rev

    • Size

      1.2MB

    • MD5

      69b2808f0f2ee355e2e09ab5e88d45f6

    • SHA1

      a7e80c5dac318d4d91635262d28cf56aab459f32

    • SHA256

      70e66269fdda2a652f36ab5f210fca880072caeb0351511526f830bea0ea4da7

    • SHA512

      4d2fab711f79dc0abbb8becbf0fc3280205092b5db540dd4ffbfce57f4993e3647bd204d338c10a9d4c7a8f0c2bdbb800d789ac51dbcaa56f9b046b849093c22

    • SSDEEP

      24576:GFS6iLzFA9HEcqqjnQmSGAcJQbKlg5bal+KNzXVhKzfSVbadnmFeVvUXLv:olim9HEKngncJQbKrMMFSfYbAYeVvsv

    Score
    3/10
    • Target

      PROCESO JURIDICO DOC/1-PROCESO JURIDICO PERSONAL.exe

    • Size

      20KB

    • MD5

      9329ba45c8b97485926a171e34c2abb8

    • SHA1

      20118bc0432b4e8b3660a4b038b20ca28f721e5c

    • SHA256

      effa6fcb8759375b4089ccf61202a5c63243f4102872e64e3eb0a1bdc2727659

    • SHA512

      0af06b5495142ba0632a46be0778a7bd3d507e9848b3159436aa504536919abbcacd8b740ef4b591296e86604b49e0642fee2c273a45e44b41a80f91a1d52acc

    • SSDEEP

      384:Damtvzlx5v02RIDauMTnxOn6sGCYJLW7wycJbi6jc:D7Jv0qpukxO6s6Lhbimc

    Score
    10/10
    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

    • Suspicious use of SetThreadContext

    • Target

      PROCESO JURIDICO DOC/Microsoft.VC80.CRT.manifest

    • Size

      1KB

    • MD5

      d34b3da03c59f38a510eaa8ccc151ec7

    • SHA1

      41b978588a9902f5e14b2b693973cb210ed900b2

    • SHA256

      a50941352cb9d8f7ba6fbf7db5c8af95fb5ab76fc5d60cfd0984e558678908cc

    • SHA512

      231a97761d652a0fc133b930abba07d456ba6cd70703a632fd7292f6ee00e50ef28562159e54acc3fc6cc118f766ea3f2f8392579ae31cc9c0c1c0dd761d36f7

    Score
    3/10
    • Target

      PROCESO JURIDICO DOC/Microsoft.VC80.MFC.manifest

    • Size

      2KB

    • MD5

      f1bb778577cfb1e45adfbb2eaaad7f58

    • SHA1

      171b0121b165b701482f96b02e7adffd6c799fce

    • SHA256

      53b6cdab4a829674082048606a65111a2d6ac3a1b2bcfb8be34d8296590d42de

    • SHA512

      4d125d773a3dd6a0cb755b69053f7d305de03c3fa9854a87a9ecf504c23c8c37ba3fe533b0cd45762b340e6b8065d33bf7280a76376077fb734eae52f950249d

    Score
    3/10
    • Target

      PROCESO JURIDICO DOC/Microsoft.VC80.MFCLOC.manifest

    • Size

      1KB

    • MD5

      526c8811d11c65f7ebca8d5f38421188

    • SHA1

      f964cc250e326101f636a6293ecc710761ef7ccf

    • SHA256

      571af1ea18ca3f68c321975e7b1a1146b00dfa9349d5711a30c7cf89045a6a1a

    • SHA512

      42e328781bfff24112d6d9c2a84cf2de95dc9767b8b4dd8b6de099722c236350401e483c2710196dd7092c5b9a03f65a6938dd680e5a2cbbc288a6344f950929

    Score
    1/10
    • Target

      PROCESO JURIDICO DOC/http_dll.dll

    • Size

      883KB

    • MD5

      41afa1c6d2d553fb524ba32b1a5c8e89

    • SHA1

      47dee023914c7fd9ecc7d130d3d0d92842cb7305

    • SHA256

      54fc9f4699d8fb59ce1635df5aaa2994b5d924d7b4d7626e1b5d9a406bef899d

    • SHA512

      fdf016f10751df0528e15213ba5a2c3c3e9ffc482db819ae56d7245a3925b7fe778c92fb8ef85cbd68e5a1bacf274cf4d3d4b86a610c2549ce52c1471bbb9bdd

    • SSDEEP

      24576:Wzq6uStsPOf+2nVWeqnm5dVjPiV95qyq15:Oq/GbVWCPXyq15

    Score
    1/10
    • Target

      PROCESO JURIDICO DOC/mfc80u.dll

    • Size

      1.0MB

    • MD5

      686b224b4987c22b153fbb545fee9657

    • SHA1

      684ee9f018fbb0bbf6ffa590f3782ba49d5d096c

    • SHA256

      a2ac851f35066c2f13a7452b7a9a3fee05bfb42907ae77a6b85b212a2227fc36

    • SHA512

      44d65db91ceea351d2b6217eaa27358dbc2ed27c9a83d226b59aecb336a9252b60aec5ce5e646706a2af5631d5ee0f721231ec751e97e47bbbc32d5f40908875

    • SSDEEP

      12288:wsaHmJ//R12t2PdMvWxMIQ1zoKyK0ivyHCJKjswl/KY6oQy3AmgVk2YDFpR7m81H:KHmJ+tKtxMIQNmCcjswl/KYh/2YFnb

    Score
    1/10
    • Target

      PROCESO JURIDICO DOC/monokini.iso

    • Size

      469KB

    • MD5

      cce722ea5d5d26faa99c8402108ed5bf

    • SHA1

      7c0f36e861d120c313090b455caa4bc2ed44f630

    • SHA256

      bb36906e9933749c460c38a45966744788b0e617877cc6e757fe3714ed67c259

    • SHA512

      3f52185bf60420b4d29d2f6029ac7677d4d516d4b9efc46f86f9f7bada7e9600cea78527c3ea31e207be7a2f83eea439c005a6dc5b185801a62276b2d218ff11

    • SSDEEP

      12288:6K0REJsURco2EwiLYW3EthhMwzgFBfe63FuIY:6pAuVENLYJthHgFBmoW

    Score
    3/10
    • Target

      PROCESO JURIDICO DOC/msvcr80.dll

    • Size

      617KB

    • MD5

      1169436ee42f860c7db37a4692b38f0e

    • SHA1

      4ccd15bf2c1b1d541ac883b0f42497e8ced6a5a3

    • SHA256

      9382aaed2db19cd75a70e38964f06c63f19f63c9dfb5a33b0c2d445bb41b6e46

    • SHA512

      e06064eb95a2ab9c3343672072f5b3f5983fc8ea9e5c92f79e50ba2e259d6d5fa8ed97170dea6d0d032ea6c01e074eefaab850d28965c7522fb7e03d9c65eae0

    • SSDEEP

      12288:bxzh9hH5RVKTp0G+vjhr46CIw+0yZmGyYCj:bph9hHzVKOpXwymGyYo

    Score
    1/10
