General

  • Target

    Notificacion Judicial 854651.Tar

  • Size

    1.9MB

  • Sample

    240423-dz82pacd29

  • MD5

    7491134b6f3cc4d976effa472cf6d98d

  • SHA1

    fbc37f23287a4b599b1f1fa4d356bfd559b044f1

  • SHA256

    27ebf2af9882393ec6c1ebd17a32c607b08337d419ad93692b9cb44ba54c47cc

  • SHA512

    dcac4763a24146adf2dac7d6cf3926e9a9e24200537fe5cddba28c25f9c250d0781a1c39d11eb68929282a524a3a87211f418a244d8bac3c85307f4d8710bc9a

  • SSDEEP

    24576:gTg+PUG+Kt6CX2VtF+XY6EupwGamZp6ic85SKQ8ZbvGBCkk1DuvwxrWgoTTzo2F1:gTXsbuwoZfaYTcX+vvkk1Gwx+zVGzMsA

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

POWERUP

C2

powerup.dynuddns.net:6161

Mutex

AsyncMutex_6SI8OkPnk

Attributes

  • delay

    3

  • install

    false

  • install_file

    secure.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Notificacion Judicial 854651.Tar

    • Size

      1.9MB

    • MD5

      7491134b6f3cc4d976effa472cf6d98d

    • SHA1

      fbc37f23287a4b599b1f1fa4d356bfd559b044f1

    • SHA256

      27ebf2af9882393ec6c1ebd17a32c607b08337d419ad93692b9cb44ba54c47cc

    • SHA512

      dcac4763a24146adf2dac7d6cf3926e9a9e24200537fe5cddba28c25f9c250d0781a1c39d11eb68929282a524a3a87211f418a244d8bac3c85307f4d8710bc9a

    • SSDEEP

      24576:gTg+PUG+Kt6CX2VtF+XY6EupwGamZp6ic85SKQ8ZbvGBCkk1DuvwxrWgoTTzo2F1:gTXsbuwoZfaYTcX+vvkk1Gwx+zVGzMsA

    Score
    1/10

    • Target

      Notificacion Judicial 854651/Notificacion_juzgadoPdf.exe

    • Size

      63KB

    • MD5

      ae224c5e196ff381836c9e95deebb7d5

    • SHA1

      910446a2a0f4e53307b6fdeb1a3e236c929e2ef4

    • SHA256

      bf933ccf86c55fc328e343b55dbf2e8ebd528e8a0a54f8f659cd0d4b4f261f26

    • SHA512

      f845dbb13b04f76b6823bec48e1c47f96bcbd6d02a834c8b128ac750fe338b53f775ee2a8784e8c443d49dfcb918c5b9d59b5492a1fe18743b8ba65b7d12514c

    • SSDEEP

      1536:Wio8DVyYs7JZT0uPXn8OS6sIe3ekT5Z240jSZk:WkhyYIJZT0uPXn8OdsIe3c4Ql

    Score
    10/10

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Suspicious use of SetThreadContext

    • Target

      Notificacion Judicial 854651/glib-2.0.dll

    • Size

      1.0MB

    • MD5

      4faf157a52aae6ec27e4dd7cb9bb1aee

    • SHA1

      532e8661f8837bfcbd846e43e7d6031eba001154

    • SHA256

      cbdd38f849aae207a95e64cda0568e2b2ddbb4e1a92bfb65e70ed15f42635fff

    • SHA512

      6832a0884e34a02621d5151ba42bded39969f9dcec34c465619aa8d647500a2abf2b324f338320da15729a34dee113e3fa87e6821c86cdd4fbc849d4662a7b0c

    • SSDEEP

      24576:PekMj5RU/KFHOTHRMQMa62jcS/KPDIj5d0HlaQrVmPQk:PekMjoKsRMQ+S/iDIj5d0FfVmYk

    Score
    3/10

    • Target

      Notificacion Judicial 854651/gmodule-2.0.dll

    • Size

      24KB

    • MD5

      b0a421b1534f3194132ec091780472d8

    • SHA1

      699b1edc2cb19a48999a52a62a57ffc0f48f1a78

    • SHA256

      2d6bc34b38bc0abf0c5e2f40e2513b4df47af57848534e011a76d4e974ad958b

    • SHA512

      ba74654843c5b0f94dfefbed81cbee4c5f360193ef8ea92836c712fbeada39fa8179a51f0849f6c4be23add1ced08f5e25f873c4b0e7533ae647fa2b19b83f98

    • SSDEEP

      384:3yCTiyTIlmltk6yvfEPLS9OeGYDVEiAhbJM8bDmnYPLm6HEGJqUHeMN6B:3yCWyTIlmltTQO87hB3QX/mz

    Score
    3/10

    • Target

      Notificacion Judicial 854651/gobject-2.0.dll

    • Size

      281KB

    • MD5

      24a7a712160abc3f23f7410b18de85b8

    • SHA1

      a01c3e116b6496c9feaa2951f6f6633bb403c3a1

    • SHA256

      78dd76027e10c17824978db821777fcaa58d7cd5d5eb9d80d6ee817e26b18ab8

    • SHA512

      d1f14a7bd44e1fc9bfc61f0b751ee6e0677322807ce5621206eeef898bab6c71ef1464962b20dc50f706084e53281a0d4b6d9142c6c1170a1e0a5fe4b12171df

    • SSDEEP

      3072:2OoLt6w1bALJPPcGPXGHv5aHi9IdzMxtcZJPn4/3KLW6QgMFhQZhXMGSQQ8:qLt6w1byk+2H/c8YPn4SLWQMFhQZOQj

    Score
    3/10

    • Target

      Notificacion Judicial 854651/gthread-2.0.dll

    • Size

      31KB

    • MD5

      78cf6611f6928a64b03a57fe218c3cd4

    • SHA1

      c3f167e719aa944af2e80941ac629d39cec22308

    • SHA256

      dbaad965702b89c371462e735dd925c694eda8d8557b280f7264bba992c0e698

    • SHA512

      5caf019a6b75ba0330b8d0b60d362201d4863c0f3d70d2a9c84b6dbea2027d09bc8a6433820f28a41d126c7aaa13dbe126b38dc5c6d14a67ddef402fed9d9b7c

    • SSDEEP

      384:Uwu65o6vunfhlfz2bWTQHaFZDGXoM6m2SNqslNkMgq4w8w/nYPLm6HEGJqUHeMYD:Uwfo6vITf3QHanSYM6pUmMDQw/R2Kf

    Score
    3/10

    • Target

      Notificacion Judicial 854651/iconv.dll

    • Size

      1.1MB

    • MD5

      862dfc9bf209a46d6f4874614a6631cc

    • SHA1

      43216aae64df217cba009145b6f9ad5b97fe927a

    • SHA256

      84538f1aacebf9daad9fdb856611ab3d98a6d71c9ec79a8250eee694d2652a8b

    • SHA512

      b0611cd9ad441871cca62291913197257660390fa4ea8a26cb41dc343a8a27ae111762de40c6f50cae3e365d8891500fc6ad0571aa3cd3a77eb83d9d488d19a8

    • SSDEEP

      24576:JkfXHfBlcKu6Gavkg3Nyp+bbbf4IBAUZLYN:JIX/cKu6GaX824IBAUZLYN

    Score
    3/10

    • Target

      Notificacion Judicial 854651/intl.dll

    • Size

      87KB

    • MD5

      d1a21e38593fddba8e51ed6bf7acf404

    • SHA1

      759f16325f0920933ac977909b7fe261e0e129e6

    • SHA256

      6a64c9cb0904ed48ce0d5cda137fcfd6dd463d84681436ca647b195aa2038a7e

    • SHA512

      3f4390603cd68d949eb938c1599503fb1cbb1b8250638e0985fad2f40f08d5e45ea4a8c149e44a50c6aa9077054387c48f71b53bf06b713ca1e73a3d5a6a6c2e

    • SSDEEP

      1536:R3P7SvYgvNf+ZSz6wHFK1XErzMfb2z/oMJtEZMGG3:RjGYgvNf+ZSzJlK1XErzMfb2z/oMbEOV

    Score
    3/10

    • Target

      Notificacion Judicial 854651/peso.html

    • Size

      538KB

    • MD5

      2a0b77ed4a9c7b5c148902ad71cb8282

    • SHA1

      f542dd8cde40a869a51dd82d961769db8577b256

    • SHA256

      1eac1df37f3af4ce3dc728288388e2a76c0df2d3d50a788475352d94c7f955a5

    • SHA512

      7729f50195b66a2b51046e3aa62011f0bb9e722cb0f952e858a527d9b5e2aeec005e0dd090c65b294ab09d460519bb84f8f0bb4415dcfd327385089dea380e60

    • SSDEEP

      12288:IEXorY7CLORhdNpwroff+l18GzZw4/1Q69lx3yqwaGVQ:I47C6RhdNqrmWUGz5/1flxg/2

    Score
    1/10

    • Target

      Notificacion Judicial 854651/vmtools.dll

    • Size

      617KB

    • MD5

      65c3c2a741838474a592679cda346753

    • SHA1

      043d80766dd4e49d8dca6ac72b04e09b5491fdc9

    • SHA256

      4e5f2c54d9ecfe48999edfcce0de038948f8b20ff68e299c55d9a2d6f65713e8

    • SHA512

      e5d8b308586ffa914f46b6766217eb12ad759853d25108db06170b870d0e8947e2befabc2843f76cb864b0f0135a8f2163b7c93fe644b293789919d1d07c4079

    • SSDEEP

      12288:uxox5+Qg/YYhflIuPj6sya8/TfOMCEB/15/Cyz0NSwsIEmotaAJW:uCxg5/YYhfmXOdQ15/CyYNSXIE1tJW

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks