Overview (overview): score 10
Static (static): score 3
PROCESO JU...AL.exe (windows7-x64): score 10
PROCESO JU...AL.exe (windows10-2004-x64): score 10
PROCESO JU...ll.dll (windows7-x64): score 1
PROCESO JU...ll.dll (windows10-2004-x64): score 1
PROCESO JU...0u.dll (windows7-x64): score 1
PROCESO JU...0u.dll (windows10-2004-x64): score 1
PROCESO JU...80.dll (windows7-x64): score 1
PROCESO JU...80.dll (windows10-2004-x64): score 1

General
Target: PROCESO JURIDICO DOC (1).rev
Size: 1.2MB
Sample: 231116-tlcpbsec6y
MD5: 69b2808f0f2ee355e2e09ab5e88d45f6
SHA1: a7e80c5dac318d4d91635262d28cf56aab459f32
SHA256: 70e66269fdda2a652f36ab5f210fca880072caeb0351511526f830bea0ea4da7
SHA512: 4d2fab711f79dc0abbb8becbf0fc3280205092b5db540dd4ffbfce57f4993e3647bd204d338c10a9d4c7a8f0c2bdbb800d789ac51dbcaa56f9b046b849093c22
SSDEEP: 24576:GFS6iLzFA9HEcqqjnQmSGAcJQbKlg5bal+KNzXVhKzfSVbadnmFeVvUXLv:olim9HEKngncJQbKrMMFSfYbAYeVvsv

Static task: static1

Behavioral task: behavioral1
Sample: PROCESO JURIDICO DOC/1-PROCESO JURIDICO PERSONAL.exe
Resource: win7-20231020-en

Behavioral task: behavioral2
Sample: PROCESO JURIDICO DOC/1-PROCESO JURIDICO PERSONAL.exe
Resource: win10v2004-20231023-en

Behavioral task: behavioral3
Sample: PROCESO JURIDICO DOC/http_dll.dll
Resource: win7-20231023-en

Behavioral task: behavioral4
Sample: PROCESO JURIDICO DOC/http_dll.dll
Resource: win10v2004-20231023-en

Behavioral task: behavioral5
Sample: PROCESO JURIDICO DOC/mfc80u.dll
Resource: win7-20231023-en

Behavioral task: behavioral6
Sample: PROCESO JURIDICO DOC/mfc80u.dll
Resource: win10v2004-20231020-en

Behavioral task: behavioral7
Sample: PROCESO JURIDICO DOC/msvcr80.dll
Resource: win7-20231023-en

Behavioral task: behavioral8
Sample: PROCESO JURIDICO DOC/msvcr80.dll
Resource: win10v2004-20231020-en

Malware Config
Extracted
asyncrat
| Edit 3LOSH RAT
TRACKMONEY
trackmoney.dynuddns.net:5959
AsyncMutex_6SI8OkPnk
delay: 3
install: false
install_folder: %AppData%

Targets

Target: PROCESO JURIDICO DOC/1-PROCESO JURIDICO PERSONAL.exe
Size: 20KB
MD5: 9329ba45c8b97485926a171e34c2abb8
SHA1: 20118bc0432b4e8b3660a4b038b20ca28f721e5c
SHA256: effa6fcb8759375b4089ccf61202a5c63243f4102872e64e3eb0a1bdc2727659
SHA512: 0af06b5495142ba0632a46be0778a7bd3d507e9848b3159436aa504536919abbcacd8b740ef4b591296e86604b49e0642fee2c273a45e44b41a80f91a1d52acc
SSDEEP: 384:Damtvzlx5v02RIDauMTnxOn6sGCYJLW7wycJbi6jc:D7Jv0qpukxO6s6Lhbimc
Score: 10/10
Async RAT payload
Suspicious use of SetThreadContext

Target: PROCESO JURIDICO DOC/http_dll.dll
Size: 883KB
MD5: 41afa1c6d2d553fb524ba32b1a5c8e89
SHA1: 47dee023914c7fd9ecc7d130d3d0d92842cb7305
SHA256: 54fc9f4699d8fb59ce1635df5aaa2994b5d924d7b4d7626e1b5d9a406bef899d
SHA512: fdf016f10751df0528e15213ba5a2c3c3e9ffc482db819ae56d7245a3925b7fe778c92fb8ef85cbd68e5a1bacf274cf4d3d4b86a610c2549ce52c1471bbb9bdd
SSDEEP: 24576:Wzq6uStsPOf+2nVWeqnm5dVjPiV95qyq15:Oq/GbVWCPXyq15
Score: 1/10

Target: PROCESO JURIDICO DOC/mfc80u.dll
Size: 1.0MB
MD5: 686b224b4987c22b153fbb545fee9657
SHA1: 684ee9f018fbb0bbf6ffa590f3782ba49d5d096c
SHA256: a2ac851f35066c2f13a7452b7a9a3fee05bfb42907ae77a6b85b212a2227fc36
SHA512: 44d65db91ceea351d2b6217eaa27358dbc2ed27c9a83d226b59aecb336a9252b60aec5ce5e646706a2af5631d5ee0f721231ec751e97e47bbbc32d5f40908875
SSDEEP: 12288:wsaHmJ//R12t2PdMvWxMIQ1zoKyK0ivyHCJKjswl/KY6oQy3AmgVk2YDFpR7m81H:KHmJ+tKtxMIQNmCcjswl/KYh/2YFnb
Score: 1/10

Target: PROCESO JURIDICO DOC/msvcr80.dll
Size: 617KB
MD5: 1169436ee42f860c7db37a4692b38f0e
SHA1: 4ccd15bf2c1b1d541ac883b0f42497e8ced6a5a3
SHA256: 9382aaed2db19cd75a70e38964f06c63f19f63c9dfb5a33b0c2d445bb41b6e46
SHA512: e06064eb95a2ab9c3343672072f5b3f5983fc8ea9e5c92f79e50ba2e259d6d5fa8ed97170dea6d0d032ea6c01e074eefaab850d28965c7522fb7e03d9c65eae0
SSDEEP: 12288:bxzh9hH5RVKTp0G+vjhr46CIw+0yZmGyYCj:bph9hHzVKOpXwymGyYo
Score: 1/10