asyncrat

Resubmissions

30-07-2024 22:59

240730-2ynw5ayajh 10

30-07-2024 22:56

240730-2wvlwsxhma 10

30-07-2024 22:49

240730-2rrpfatbrk 10

Sharing

Copy URL

Twitter E-mail

General

Target

05 CITACION DEMANDA EN SU CONTRA - JUZGADO PENAL 01 DEL CIRCUITO RAMA JUDICIAL ESPECIALIZADO.zip
Size

4.8MB
Sample

240730-2wvlwsxhma
MD5

843287222d08fa7d9abcdd75926e8cd7
SHA1

c565498234952bbf46131fca08bb00dc3803722e
SHA256

f894d3df8c6df4117d44d958382a5ba47ab288e2cc5e7fd8c793ceef1a21a220
SHA512

96eec4ce926658128b634f87aa4423a6d6e3b36eb763c283f8b11ee5b2252db92e011034611b083aa737e463026c5933f68ceb6a976137968039fda14c9c6c22
SSDEEP

98304:dVtC29qKgrsZ9QORN29RPjcYq0KvkIIV4UFwx0BJgVcEaFEytVByTHdDYo5zZB:dvC29q4Z9nN29RrcptbIaMvUGEUylYgb

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

gfbvhbh2024.kozow.com:2000

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  05 CITACION DEMANDA EN SU CONTRA - JUZGADO PENAL 01 DEL CIRCUITO RAMA JUDICIAL ESPECIALIZADO/02 CITACION DEMANDA..exe
- Size
  
  2.3MB
- MD5
  
  5d52ef45b6e5bf144307a84c2af1581b
- SHA1
  
  414a899ec327d4a9daa53983544245b209f25142
- SHA256
  
  26a24d3b0206c6808615c7049859c2fe62c4dcd87e7858be40ae8112b0482616
- SHA512
  
  458f47c1e4ccf41edaacc57abb663ee77ca098fffc596fad941bbdea67653aeabc79b34d607078b9ee5adb45614e26f5c28a09e8faf9532081fdd5dec9ac3c48
- SSDEEP
  
  49152:DzO+g39FbI0eQf/Z3CarWedoYAmXviDTMtT2wkqN5K:DzO19Fnf/hdoYAm9ZkqN5K
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2