asyncrat

Sharing

Copy URL

Twitter E-mail

General

Target

13082024_1643_JUZGADO+PENAL.zip
Size

2.5MB
Sample

240813-t8egfazbll
MD5

6cfcc853a4c2635f24ce0ec4fc4d21bc
SHA1

57a8c89d81ae5757acb70b95abd31109f859af8d
SHA256

fb10ebccea9b50915917324c03f4a2e350b798cc7caa440ad0faa3e066fba193
SHA512

57be1cddc3c061edc6e4a6cc7507dad849ff5b62e42e46808828f01e487a1e16abe2fbbbaed9a7ea5a36189c16b0fedc4adb567c54109250cac50cddbfbb69d0
SSDEEP

49152:M71u+PUyKMeRV1T+pk/yUep/05Iky2ewJd0fd1nXsS5WVCbvgN9bH0vL/C:W0JzJT+SyUepqIQ9d0fHcSzaKT/C

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

miguel2024.kozow.com:2020

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  JUZGADO PENAL/07CITACION DE DEMANDA.exe
- Size
  
  2.2MB
- MD5
  
  d9530ecee42acccfd3871672a511bc9e
- SHA1
  
  89b4d2406f1294bd699ef231a4def5f495f12778
- SHA256
  
  81e04f9a131534acc0e9de08718c062d3d74c80c7f168ec7e699cd4b2bd0f280
- SHA512
  
  d5f048ea995affdf9893ec4c5ac5eb188b6714f5b6712e0b5a316702033421b145b8ee6a62d303eb4576bf8f57273ff35c5d675807563a31157136f79d8a9980
- SSDEEP
  
  49152:rHOut2Bf0ajIM8XEEN6N0rE/I/vqn7krQEQusd5F:VbaMbXbE/I/SnwrQEQusd/
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  JUZGADO PENAL/bikini.pptx
- Size
  
  70KB
- MD5
  
  24fec7f3f13b3a944e02878b284cdd2f
- SHA1
  
  7e5d135c16e8d7558e18b778224fc55c3ac35d26
- SHA256
  
  64ce8379e4d91d2ba599e7b643399c67f6d256c8513feb97dc24c404ef752ea7
- SHA512
  
  7594696fb51916ee30855cc513f028bc491c62d63a524f43a2de89d661ca7fab58ae2cff6208aa50f8a4b8998dc89e8c512109a43cf9aca629a8a79ab257b080
- SSDEEP
  
  1536:WghD5gv2J3lzVYA3TmtFZ5LyGXqV1hJEHaBNskwdd7Uh8:WgQvIyPtF72zvhak0dd7
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  JUZGADO PENAL/d3dx9_43.dll
- Size
  
  1.9MB
- MD5
  
  4e83bd565288ac5cb4589013c344b11e
- SHA1
  
  f80fe88f16e3561e0d2b14b1b6a45025e8a429df
- SHA256
  
  e4ec839c88be62251023c1781999bbc7dd6061965a3ed4db174dfc6c3991e520
- SHA512
  
  38f081b41f035b5a40d2885d58aec72623b4262f0b32204d527b7911f077fe670945895fa7a9041657700c3535a0c2e9abe9e77994dba1bd5f13773ac82c52cc
- SSDEEP
  
  24576:uaUU6OIyl2Wy9M3bJ45fPS0zFZghQ6aOiFaKOE31GrvFXl74YZ29X1MDd6olmrBY:uQ66l2u45BiNYFrz31Cv3D29kd6k71
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  JUZGADO PENAL/davit.xlsx
- Size
  
  649KB
- MD5
  
  9451ebc3c4302304529181b29f43339b
- SHA1
  
  5bf89597234fd1171dba2ce160fd630f709fb53d
- SHA256
  
  7a91a018cff628bdb0104110da47fabe55df1ea946a04dbb42c937f60e5f16ec
- SHA512
  
  06da4bd965585ad2b3be98a15dd709a91ad8f403ffa5220e8584105733ffdb6027cccc0b3d6d200ac21b98290b6d750d5418c9b8cd4460c37c3c682b0a9d099e
- SSDEEP
  
  12288:vTRNX/yh4Vy3C7QOoun3h+rwYBSbAPLbPvXlXOYlW37hCTbRa/Qd/ZuiN:1p/yh4ICsxux6/HXkYu4/Ra/Q1Zuu
Score

3^/10

discovery
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8