General
-
Target
Noviembre Factura.exe
-
Size
2.0MB
-
Sample
240131-kv1m3sgga9
-
MD5
6b2b82774ca1bc161170a2a803638387
-
SHA1
90ed4f5d751c48ce094813b9971af6b42ccd83ad
-
SHA256
40b2c8937a96f8c487a16197cbdd1394d12fba0141571f8b529f94c87f5e56c6
-
SHA512
9e992b11011df9464b8a36ced23db41e565e9896c156d10cde2b6c375242c8daaf4f7a796424818c42cb08b39d152aa287a2a477c405a65db35449c1206cbb4d
-
SSDEEP
49152:o3TAXbGranK0EOOY+2sduESYKgmSvReju+txoZAmAc:o3UXbGra+OodXNmSpeq0xUdA
Static task
static1
Behavioral task
behavioral1
Sample
Noviembre Factura.exe
Resource
win7-20231215-en
Malware Config
Extracted
asyncrat
0.5.8
Default
172.94.32.33:6606
172.94.32.33:7707
172.94.32.33:8808
172.94.32.33:8881
Aln2RDZhMnvc
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
Target
Noviembre Factura.exe
-
Async RAT payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-