General
-
Target
23052024_1336_SISTEMA DE DENUNCIA VIRTUAL.vbs
-
Size
1.9MB
-
Sample
240523-qwm19sda3y
-
MD5
f86fb7345ac89dc3869f3537daab76bf
-
SHA1
9b20bac5d8749b33c41388b7fc463d88bfc27ccb
-
SHA256
ba58d6dc439454f2c37f8658c1d0b61446a3cf9aea0e22916e1ee5a4a396cbb9
-
SHA512
b993ef1bfef599871b1cb4ba94a556d456fe80663db32702fe3727ad6e72c2421799781a1b4afb2a1a1904e896de0e236269d8f8bd6a67bdd45c90c92d631695
-
SSDEEP
768:hRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRz/:DAc
Static task
static1
Behavioral task
behavioral1
Sample
23052024_1336_SISTEMA DE DENUNCIA VIRTUAL.vbs
Resource
win7-20231129-en
Malware Config
Extracted
https://pasteio.com/download/xDy3ge3eELDi
Extracted
asyncrat
1.0.7
Default
febrerososte.duckdns.org:2020
DcRatMutex_qwqdanchun
-
delay
1
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
23052024_1336_SISTEMA DE DENUNCIA VIRTUAL.vbs
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-