Overview

overview

10

Static

static

1

Citación...da.zip

windows11-21h2-x64

1

CITACION D...DA.exe

windows11-21h2-x64

10

CITACION D...MI.dll

windows11-21h2-x64

1

CITACION D...EX.dll

windows11-21h2-x64

1

CITACION D...IO.dll

windows11-21h2-x64

3

CITACION D...in.eps

windows11-21h2-x64

3

CITACION D...and.ai

windows11-21h2-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Citación Demanda.zip

  • Size

    1005KB

  • Sample

    240426-1gsnbacf83

  • MD5

    7367c722535cc10bfb1345558a7c445f

  • SHA1

    36c4ff893a628c3d4a7d12867c17a3f6b6f3cba6

  • SHA256

    8dc7fa88285ed5466962a8a6f04941dc23d3f5d11398bd33ecb80973189f1a98

  • SHA512

    b39bcec1a3c9a38a42635df8299ffdb4130587f44a4d61924dd7b169c668f8df0edb417fc67712bd8db21c3a769933942b00f6e61ff942577a71ee05c0167c43

  • SSDEEP

    24576:Ig8DsRH9LWeZH4kLCFYEiiMovG0IoKDyGX:9HRnH/UYEnG0IoKRX

Score
10/10
asyncratpoweruprat

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

POWERUP

C2

powerup.dynuddns.net:6161

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_file

    secure.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Citación Demanda.zip

    • Size

      1005KB

    • MD5

      7367c722535cc10bfb1345558a7c445f

    • SHA1

      36c4ff893a628c3d4a7d12867c17a3f6b6f3cba6

    • SHA256

      8dc7fa88285ed5466962a8a6f04941dc23d3f5d11398bd33ecb80973189f1a98

    • SHA512

      b39bcec1a3c9a38a42635df8299ffdb4130587f44a4d61924dd7b169c668f8df0edb417fc67712bd8db21c3a769933942b00f6e61ff942577a71ee05c0167c43

    • SSDEEP

      24576:Ig8DsRH9LWeZH4kLCFYEiiMovG0IoKDyGX:9HRnH/UYEnG0IoKRX

    Score
    1/10
    behavioral1

    • Target

      CITACION DEMANDA/04 CITACION DEMANDA.exe

    • Size

      446KB

    • MD5

      485008b43f0edceba0e0d3ca04bc1c1a

    • SHA1

      55ae8f105af415bb763d1b87f6572f078052877c

    • SHA256

      12c22ba646232d5d5087d0300d5cfd46fed424f26143a02dc866f1bfceab3c10

    • SHA512

      402652786daae635c7405f5fa0924d768cbde2086f9f57b10f00f921dec98e37168f5c3a6baa5593ba9a478f3971d32747c517ffd485d25634c924e6b08815b1

    • SSDEEP

      12288:vK5+DMJA3TAz4plk9iZOOti81N5y1qMIg+GV5Zul3M:y5+DMJA3TAz4plk9ijK1qlGV7ulM

    Score
    10/10
    asyncratpoweruprat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Suspicious use of SetThreadContext

    behavioral2

    • Target

      CITACION DEMANDA/ASUS_WMI.dll

    • Size

      224KB

    • MD5

      3f109a02c8d642e8003a1188df40d861

    • SHA1

      f723f38471b8872443aa9177eef12a96c02cc84a

    • SHA256

      6523b44da6fa7078c7795b7705498e487b0625e28e15aec2d270c6e4a909b5a5

    • SHA512

      023696a52d48c465ab62e3ee754b445093b8a0ed0a232b430ce1f0db3dae382c9e1fba210c2b04d1018cc29bfb69c546976912f3939a76e98bcb792ae57af0da

    • SSDEEP

      3072:Y4WuqFgPmBNRP8hXzGXPkW6ZZW8egH1/jQoAg0FubAxZ+051gh9b6q4TQWdO8g:Y9t2nhQ2ZW8ecAOAZCqQWY8g

    Score
    1/10
    behavioral3

    • Target

      CITACION DEMANDA/ATKEX.dll

    • Size

      84KB

    • MD5

      e68562f63265e1a70881446b4b9dc455

    • SHA1

      da16ef9367bde3ce892b1a0e33bc179d8acdceb3

    • SHA256

      c8b16f1c6883a23021da37d9116a757f971fe919d64ef8f9dba17a7d8dd39adb

    • SHA512

      6bedea10a5b50f6e93e8566c18970c8ad1b8dfc7d5961069fc5d5216dcdded0b2a2ad8dd91f4ad80f8604d573a343c126df238ee5c448cdc26b899077957a674

    • SSDEEP

      1536:C3zQ0q8XqIh06v0UQpTcX+CZntb9lviEossWVcd+u8Nc15TCvOM:UqhIh06vKpTcX+El2+uKc15TCF

    Score
    1/10
    behavioral4

    • Target

      CITACION DEMANDA/AsIO.dll

    • Size

      120KB

    • MD5

      24d5874d5403d369ca66a53f4d7c818f

    • SHA1

      e171a2b0f5189a0f7374ae99e02b1138066d5147

    • SHA256

      406f0c9c379ac28f1135d8c2aea49d5105782631cbf5259800e19b93813412c4

    • SHA512

      bdc845f04e300e9ee5db7cd001e7d7dbd8485d94c957d71a9740e98a66ecaa5089257ffb3e25d399763a88b2e20b339505b1282c254dc0d9e44b71fcf7adbc88

    • SSDEEP

      3072:A1CK0llptaTHfPwr5pm6Qi0ZqaPkyP87vuL:AQbllaborzQtTYvy

    Score
    3/10
    behavioral5

    • Target

      CITACION DEMANDA/parkin.eps

    • Size

      32KB

    • MD5

      af9ea500e4c4a352a5ea5dc05d675789

    • SHA1

      b71df8eb127e0b563db8bed136929e2d9b338409

    • SHA256

      2a2d0100e0ad2f3cbd8dd17a1f13bfac87885b1e91f8178cfd47536f1229524f

    • SHA512

      ee8df2f4cdf3f812756fd851f49dffc3dbab7f1490426e112449c9d53732f0470cda448f9258804cc29c661c145e67b222da08290a701d310bb29c3974aef2b9

    • SSDEEP

      768:TzkuLnqH7fAji8QRpEA9aN0ri4gHdHb8K1iYR2m:TzT8fAe8QR7Pri4MVo+

    Score
    3/10
    behavioral6

    • Target

      CITACION DEMANDA/riband.ai

    • Size

      649KB

    • MD5

      70c2a4ca2f42dac8154bf15ec078fbc0

    • SHA1

      6d4f77de5f928aa56111a96d6e0a20e84014c1ab

    • SHA256

      72e93e8cba000a98027f751dd87e6e596b9712c54858d21555a74a35eb841280

    • SHA512

      604f1bdb477face6d7a42e39e9fd9171b6c36b03e1839fbf6e73d8e8bb76a2d36e7b434dc77ee42ed8692e2a2dea048d630fa8a17331e1229cc26e3ff5030b3a

    • SSDEEP

      12288:JOHdSuRSfcW89miMMZHyG9QKAn43GGFXeEXjP+dNPwy3J+lNyHUNfh/GDkH6yVPy:aNRwjNQSKnAn43GGFumjP+dZwzGUNhXM

    Score
    3/10
    behavioral7

MITRE ATT&CK Matrix ATT&CK v13

Tasks