General
-
Target
PROCESO JURIDICO DOC (1).rev
-
Size
1.2MB
-
Sample
231116-dl5r4sfc76
-
MD5
69b2808f0f2ee355e2e09ab5e88d45f6
-
SHA1
a7e80c5dac318d4d91635262d28cf56aab459f32
-
SHA256
70e66269fdda2a652f36ab5f210fca880072caeb0351511526f830bea0ea4da7
-
SHA512
4d2fab711f79dc0abbb8becbf0fc3280205092b5db540dd4ffbfce57f4993e3647bd204d338c10a9d4c7a8f0c2bdbb800d789ac51dbcaa56f9b046b849093c22
-
SSDEEP
24576:GFS6iLzFA9HEcqqjnQmSGAcJQbKlg5bal+KNzXVhKzfSVbadnmFeVvUXLv:olim9HEKngncJQbKrMMFSfYbAYeVvsv
Static task
static1
Behavioral task
behavioral1
Sample
PROCESO JURIDICO DOC (1).7z
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
PROCESO JURIDICO DOC (1).7z
Resource
win10v2004-20231023-en
Behavioral task
behavioral3
Sample
PROCESO JURIDICO DOC/1-PROCESO JURIDICO PERSONAL.exe
Resource
win7-20231023-en
Behavioral task
behavioral4
Sample
PROCESO JURIDICO DOC/1-PROCESO JURIDICO PERSONAL.exe
Resource
win10v2004-20231023-en
Behavioral task
behavioral5
Sample
PROCESO JURIDICO DOC/Microsoft.VC80.CRT.manifest
Resource
win7-20231025-en
Behavioral task
behavioral6
Sample
PROCESO JURIDICO DOC/Microsoft.VC80.CRT.manifest
Resource
win10v2004-20231023-en
Behavioral task
behavioral7
Sample
PROCESO JURIDICO DOC/Microsoft.VC80.MFC.manifest
Resource
win7-20231023-en
Behavioral task
behavioral8
Sample
PROCESO JURIDICO DOC/Microsoft.VC80.MFC.manifest
Resource
win10v2004-20231020-en
Behavioral task
behavioral9
Sample
PROCESO JURIDICO DOC/Microsoft.VC80.MFCLOC.xml
Resource
win7-20231023-en
Behavioral task
behavioral10
Sample
PROCESO JURIDICO DOC/Microsoft.VC80.MFCLOC.xml
Resource
win10v2004-20231020-en
Behavioral task
behavioral11
Sample
PROCESO JURIDICO DOC/http_dll.dll
Resource
win7-20231020-en
Behavioral task
behavioral12
Sample
PROCESO JURIDICO DOC/http_dll.dll
Resource
win10v2004-20231023-en
Behavioral task
behavioral13
Sample
PROCESO JURIDICO DOC/mfc80u.dll
Resource
win7-20231023-en
Behavioral task
behavioral14
Sample
PROCESO JURIDICO DOC/mfc80u.dll
Resource
win10v2004-20231025-en
Behavioral task
behavioral15
Sample
PROCESO JURIDICO DOC/monokini.png
Resource
win7-20231023-en
Behavioral task
behavioral16
Sample
PROCESO JURIDICO DOC/monokini.png
Resource
win10v2004-20231020-en
Behavioral task
behavioral17
Sample
PROCESO JURIDICO DOC/msvcr80.dll
Resource
win7-20231023-en
Behavioral task
behavioral18
Sample
PROCESO JURIDICO DOC/msvcr80.dll
Resource
win10v2004-20231020-en
Malware Config
Extracted
asyncrat
| Edit 3LOSH RAT
TRACKMONEY
trackmoney.dynuddns.net:5959
AsyncMutex_6SI8OkPnk
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
PROCESO JURIDICO DOC (1).rev
-
Size
1.2MB
Score 3/10
-
-
Target
PROCESO JURIDICO DOC/1-PROCESO JURIDICO PERSONAL.exe
-
Size
20KB
-
MD5
9329ba45c8b97485926a171e34c2abb8
-
SHA1
20118bc0432b4e8b3660a4b038b20ca28f721e5c
-
SHA256
effa6fcb8759375b4089ccf61202a5c63243f4102872e64e3eb0a1bdc2727659
-
SHA512
0af06b5495142ba0632a46be0778a7bd3d507e9848b3159436aa504536919abbcacd8b740ef4b591296e86604b49e0642fee2c273a45e44b41a80f91a1d52acc
-
SSDEEP
384:Damtvzlx5v02RIDauMTnxOn6sGCYJLW7wycJbi6jc:D7Jv0qpukxO6s6Lhbimc
Score 10/10
Async RAT payload
-
Suspicious use of SetThreadContext
-
-
-
Target
PROCESO JURIDICO DOC/Microsoft.VC80.CRT.manifest
-
Size
1KB
-
MD5
d34b3da03c59f38a510eaa8ccc151ec7
-
SHA1
41b978588a9902f5e14b2b693973cb210ed900b2
-
SHA256
a50941352cb9d8f7ba6fbf7db5c8af95fb5ab76fc5d60cfd0984e558678908cc
-
SHA512
231a97761d652a0fc133b930abba07d456ba6cd70703a632fd7292f6ee00e50ef28562159e54acc3fc6cc118f766ea3f2f8392579ae31cc9c0c1c0dd761d36f7
Score 3/10
-
-
Target
PROCESO JURIDICO DOC/Microsoft.VC80.MFC.manifest
-
Size
2KB
-
MD5
f1bb778577cfb1e45adfbb2eaaad7f58
-
SHA1
171b0121b165b701482f96b02e7adffd6c799fce
-
SHA256
53b6cdab4a829674082048606a65111a2d6ac3a1b2bcfb8be34d8296590d42de
-
SHA512
4d125d773a3dd6a0cb755b69053f7d305de03c3fa9854a87a9ecf504c23c8c37ba3fe533b0cd45762b340e6b8065d33bf7280a76376077fb734eae52f950249d
Score 3/10
-
-
Target
PROCESO JURIDICO DOC/Microsoft.VC80.MFCLOC.manifest
-
Size
1KB
-
MD5
526c8811d11c65f7ebca8d5f38421188
-
SHA1
f964cc250e326101f636a6293ecc710761ef7ccf
-
SHA256
571af1ea18ca3f68c321975e7b1a1146b00dfa9349d5711a30c7cf89045a6a1a
-
SHA512
42e328781bfff24112d6d9c2a84cf2de95dc9767b8b4dd8b6de099722c236350401e483c2710196dd7092c5b9a03f65a6938dd680e5a2cbbc288a6344f950929
Score 1/10
-
-
Target
PROCESO JURIDICO DOC/http_dll.dll
-
Size
883KB
-
MD5
41afa1c6d2d553fb524ba32b1a5c8e89
-
SHA1
47dee023914c7fd9ecc7d130d3d0d92842cb7305
-
SHA256
54fc9f4699d8fb59ce1635df5aaa2994b5d924d7b4d7626e1b5d9a406bef899d
-
SHA512
fdf016f10751df0528e15213ba5a2c3c3e9ffc482db819ae56d7245a3925b7fe778c92fb8ef85cbd68e5a1bacf274cf4d3d4b86a610c2549ce52c1471bbb9bdd
-
SSDEEP
24576:Wzq6uStsPOf+2nVWeqnm5dVjPiV95qyq15:Oq/GbVWCPXyq15
Score 1/10
-
-
Target
PROCESO JURIDICO DOC/mfc80u.dll
-
Size
1.0MB
-
MD5
686b224b4987c22b153fbb545fee9657
-
SHA1
684ee9f018fbb0bbf6ffa590f3782ba49d5d096c
-
SHA256
a2ac851f35066c2f13a7452b7a9a3fee05bfb42907ae77a6b85b212a2227fc36
-
SHA512
44d65db91ceea351d2b6217eaa27358dbc2ed27c9a83d226b59aecb336a9252b60aec5ce5e646706a2af5631d5ee0f721231ec751e97e47bbbc32d5f40908875
-
SSDEEP
12288:wsaHmJ//R12t2PdMvWxMIQ1zoKyK0ivyHCJKjswl/KY6oQy3AmgVk2YDFpR7m81H:KHmJ+tKtxMIQNmCcjswl/KYh/2YFnb
Score 1/10
-
-
Target
PROCESO JURIDICO DOC/monokini.iso
-
Size
469KB
-
MD5
cce722ea5d5d26faa99c8402108ed5bf
-
SHA1
7c0f36e861d120c313090b455caa4bc2ed44f630
-
SHA256
bb36906e9933749c460c38a45966744788b0e617877cc6e757fe3714ed67c259
-
SHA512
3f52185bf60420b4d29d2f6029ac7677d4d516d4b9efc46f86f9f7bada7e9600cea78527c3ea31e207be7a2f83eea439c005a6dc5b185801a62276b2d218ff11
-
SSDEEP
12288:6K0REJsURco2EwiLYW3EthhMwzgFBfe63FuIY:6pAuVENLYJthHgFBmoW
Score 3/10
-
-
Target
PROCESO JURIDICO DOC/msvcr80.dll
-
Size
617KB
-
MD5
1169436ee42f860c7db37a4692b38f0e
-
SHA1
4ccd15bf2c1b1d541ac883b0f42497e8ced6a5a3
-
SHA256
9382aaed2db19cd75a70e38964f06c63f19f63c9dfb5a33b0c2d445bb41b6e46
-
SHA512
e06064eb95a2ab9c3343672072f5b3f5983fc8ea9e5c92f79e50ba2e259d6d5fa8ed97170dea6d0d032ea6c01e074eefaab850d28965c7522fb7e03d9c65eae0
-
SSDEEP
12288:bxzh9hH5RVKTp0G+vjhr46CIw+0yZmGyYCj:bph9hHzVKOpXwymGyYo
Score 1/10