General

  • Target

    003 CITACION_DEMANDA_EN_SU_CONTRA_JUZGADO_008_CIVIL_DEL_CIRCUITO.rar

  • Size

    2.7MB

  • Sample

    240524-vwy6radb6z

  • MD5

    3ade215762e90a5b537c032c728e16fe

  • SHA1

    cf5369d2a88e0d5be94ca211cba9f75eca6d7438

  • SHA256

    53ed6ef10743ee239135038fa40cc65d7c0ffab5ce919e84bc1f605cf9c6d33b

  • SHA512

    d8cb2a88c6c4d544ac751d36ee727f1e665d499e4beac406154fb876fc695f040a3ee38741785d1fc61bcb7e3d240441f5246a760d78e39e20578d4eb2d6e699

  • SSDEEP

    49152:NkCfefsaSvFgZquBay6e+i/y4DJdrYFELpq2Q/AT+EKMi1zsNwZErpi7k9TRAhiV:DfefaFgZqMaHe+i/9D38FkpY/AT+9MiA

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

dcrat13.duckdns.org:3013

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      NOTIFICACION DEMANDA/01Notificacion Demanda.exe

    • Size

      2.3MB

    • MD5

      5d52ef45b6e5bf144307a84c2af1581b

    • SHA1

      414a899ec327d4a9daa53983544245b209f25142

    • SHA256

      26a24d3b0206c6808615c7049859c2fe62c4dcd87e7858be40ae8112b0482616

    • SHA512

      458f47c1e4ccf41edaacc57abb663ee77ca098fffc596fad941bbdea67653aeabc79b34d607078b9ee5adb45614e26f5c28a09e8faf9532081fdd5dec9ac3c48

    • SSDEEP

      49152:DzO+g39FbI0eQf/Z3CarWedoYAmXviDTMtT2wkqN5K:DzO19Fnf/hdoYAm9ZkqN5K

    Score
    10/10
    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Suspicious use of SetThreadContext
