General

  • Target

    25052024_1056_003 CITACION_DEMANDA_EN_SU_CONTRA_JUZGADO_008_CIVIL_DEL_CIRCUITO.rar

  • Size

    2.7MB

  • Sample

    240525-m11w5sea81

  • MD5

    3ade215762e90a5b537c032c728e16fe

  • SHA1

    cf5369d2a88e0d5be94ca211cba9f75eca6d7438

  • SHA256

    53ed6ef10743ee239135038fa40cc65d7c0ffab5ce919e84bc1f605cf9c6d33b

  • SHA512

    d8cb2a88c6c4d544ac751d36ee727f1e665d499e4beac406154fb876fc695f040a3ee38741785d1fc61bcb7e3d240441f5246a760d78e39e20578d4eb2d6e699

  • SSDEEP

    49152:NkCfefsaSvFgZquBay6e+i/y4DJdrYFELpq2Q/AT+EKMi1zsNwZErpi7k9TRAhiV:DfefaFgZqMaHe+i/9D38FkpY/AT+9MiA

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

dcrat13.duckdns.org:3013

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      NOTIFICACION DEMANDA/01Notificacion Demanda.exe

    • Size

      2.3MB

    • MD5

      5d52ef45b6e5bf144307a84c2af1581b

    • SHA1

      414a899ec327d4a9daa53983544245b209f25142

    • SHA256

      26a24d3b0206c6808615c7049859c2fe62c4dcd87e7858be40ae8112b0482616

    • SHA512

      458f47c1e4ccf41edaacc57abb663ee77ca098fffc596fad941bbdea67653aeabc79b34d607078b9ee5adb45614e26f5c28a09e8faf9532081fdd5dec9ac3c48

    • SSDEEP

      49152:DzO+g39FbI0eQf/Z3CarWedoYAmXviDTMtT2wkqN5K:DzO19Fnf/hdoYAm9ZkqN5K

    Score
    10/10

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Suspicious use of SetThreadContext

    • Target

      NOTIFICACION DEMANDA/madbasic_.bpl

    • Size

      210KB

    • MD5

      e03a0056e75d3a5707ba199bc2ea701f

    • SHA1

      bf40ab316e65eb17a58e70a3f0ca8426f44f5bef

    • SHA256

      7826395127e791a883359ea81308174700da0af8052cc9853b19fd29c2e4badb

    • SHA512

      b0a3cfb6b34832f048fe0fc70c6fa76ae16a2cacda930f6529a83a967d6e8de1c69b93e0de3dc2126c5385d85e814687e695a0a4131399a69633141cad98da2a

    • SSDEEP

      6144:6N/kSQxE6qeM/k4qTl5L5e5+53WCG1CbF/FrfGx:JqeM/k4qR5L5e5+53WulZGx

    Score
    1/10

    • Target

      NOTIFICACION DEMANDA/maddisAsm_.bpl

    • Size

      63KB

    • MD5

      ef3b47b2ea3884914c13c778ff29eb5b

    • SHA1

      dc2b1fa7c7547d8f1ad3f20f9060f7bc686118e0

    • SHA256

      475f7cdffd8ed4d6f52bd98ae2bb684f1c923a1be2a692757a9af788a39b1d87

    • SHA512

      9648d951d8d3640436c8029fd0f06786f7ff8f52191cd6959569c87868bb6c40ac8c7e495c09377a8a5c85e8d3942551c37eb84e916b5c16327d8d43a167820e

    • SSDEEP

      1536:eNy3eqMne0sXB0IWtCLwEJhY0w1K7fixStj7wyis:CqMnfIB04LwEJhY0w1K7zzj

    Score
    1/10

    • Target

      NOTIFICACION DEMANDA/madexcept_.bpl

    • Size

      436KB

    • MD5

      98e59596edd9b888d906c5409e515803

    • SHA1

      b79d73967a2df21d00740bc77ccebda061b44ab6

    • SHA256

      a6ca13af74a64e4ab5ebb2d12b757cecf1a683cb9cd0ae7906db1b4b2c8a90c0

    • SHA512

      ba617227849d2eb3285395e2d1babfe01902be143144be895011f0389f1860d0d7f08c6bbc4d461384eba270f866cce3351f52af1dc9ef9719c677619de79e42

    • SSDEEP

      6144:1lAz49EKhEV30F8sl88nTjQ4Q50gEcW/jd+o72niVUNMa4Yn2g:1lG4ut30F8slzYlQcW/jd++2nJ6u2g

    Score
    1/10

    • Target

      NOTIFICACION DEMANDA/rtl120.bpl

    • Size

      1.1MB

    • MD5

      4fbe03f99d402e4131fa17ee7fbc594c

    • SHA1

      696ae10cfb94cc44bb86b341a5ba33e46e4fb9ed

    • SHA256

      6028d64b53880676fcd62b445fd71952f9141b8ac0e60329b15cf9e04e437cea

    • SHA512

      c7ed994374a4e2491e120d92f3347b0d80c812e27ba6c9e186142ff7648eb7f9f1e924380649d09c98760b748eeb5d232ae6e899193e776672e9b2237dd9c026

    • SSDEEP

      24576:Xbhm5FWbA1msvIRzM7Rk5JZzSQ4+Is249Tx05boN:v2+TK5boN

    Score
    1/10

    • Target

      NOTIFICACION DEMANDA/vcl120.bpl

    • Size

      1.9MB

    • MD5

      13a2734bb2249010514386ebc856b8da

    • SHA1

      8f6e3b30f30a5bba9bc6baaf8f440e085a6a568a

    • SHA256

      713c21d009000d504d9bcf3ce95d50e74d3933083783de144db0a16e2425ebcc

    • SHA512

      2f108436fc1a03591802ff6b8c6ac1de1c0388b2a2a6f8839c10b5f0ec06b66775f261da4ace05fa367eb46b5be533949c092e113fe1270adedb9cb8c34ba2dd

    • SSDEEP

      24576:O2gt8PRUMggrgN/5tWw+eNVEXZB5SOCwhuuYY8RPyS9YEPI5yz6I:ORSf0Ww+NpPSyzYY8c8YEPI4+I

    Score
    1/10

    • Target

      NOTIFICACION DEMANDA/vclx120.bpl

    • Size

      222KB

    • MD5

      3cb8f7606940c9b51c45ebaeb84af728

    • SHA1

      7f33a8b5f8f7210bd93b330c5e27a1e70b22f57b

    • SHA256

      2feec33d1e3f3d69c717f4528b8f7f5c030caae6fb37c2100cb0b5341367d053

    • SHA512

      7559cdf6c8dbea052242f3b8129979f7d2d283f84040f1d68ae10438548072715a56a5af88b8562aeea7143194e7c5bddac3fdb01ded411a0b1cac9f0c6eef3f

    • SSDEEP

      3072:K4af8kXL6nX0YXjvkWQ5vYhbNkWPFOEJ8YZbjeTl0Y25zFgYBzRKy6sB65avEtAA:baf8kLWL7Xov8bNxdOmrfgYmHA6h

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks