General

  • Target

    -65894-DEMANDA LABORAL- JUZGADO 02 PENAL DEL CIRCUITO RAMA JUDICIAL-01563.msg

  • Size

    463KB

  • Sample

    241011-wlrvcsvhlh

  • MD5

    cef24456ba2aec07230c9737abe382f2

  • SHA1

    d25fffeb9b479f1450dc4c2383b56eb5618a4545

  • SHA256

    1e8e8427ed280887d2d55abb7edfa766b00ee78c7ff5b8e6bce68ba1d81dce9b

  • SHA512

    fc21a0cce92dc492f436d35862bb7f6016a044f58a086b73e7c1f12607a8e77a42fb9890e2b485f7cf3f7a7181a56ba84e56beda12c2825249c59e3958c2b027

  • SSDEEP

    3072:k1qpF3ETKIx3CkLBpCoMXyV1d/Cl+XlwdgrJGwS4BHKlger6unuFbmeqX2Mjvx5V:kYXETK03fBpCoK21dE+XlpJGwSsKldA

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

vulcansy.duckdns.org:1415

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      -65894-DEMANDA LABORAL- JUZGADO 02 PENAL DEL CIRCUITO RAMA JUDICIAL-01563.msg

    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    • Target

      -65894-DEMANDA LABORAL- JUZGADO 02 PENAL DEL CIRCUITO RAMA JUDICIAL-01563.svg

    • Size

      385KB

    • MD5

      72782c8046bf21ecf5489509c246e885

    • SHA1

      023fedec4b8f5d674f63a4330bc51f1260dc8013

    • SHA256

      4110e748cc04760cdc14a350023445dd085db1c327e65a20bf15f18c4a48b06e

    • SHA512

      e045aa9e9e18c4eb7e2605d01d59efed539baaf87360a267ab0d2abab122d6ae841f8ba3a85d54c025088797217f96b7d9c3b10566f167aed2e45e64e18ce5e5

    • SSDEEP

      3072:0CkLBpCoMXyV1d/Cl+XlwdgrJGwS4BHKlger6unuFbmeqX2Mjvx5PuJuWukuMuLg:0fBpCoK21dE+XlpJGwSsKldAn

    Score
    3/10
