General
-
Target
OFICIO REMITENTE RDO 21200325-20024.svg
-
Size
442KB
-
Sample
241022-v6peaswgpf
-
MD5
46880fd1c96600d00449286780d696e0
-
SHA1
9d1f8fa5cdcd6afe9c1aba8e5495ef8a24d82c51
-
SHA256
c3e463142e0716d2c95d01baa0ceb84366f4c279be297ecf9a698cd211771bc8
-
SHA512
8a4015b719e0a54e2c0373463c2e0db5689174dead1820c4d1a0d092fa54b5d0df8ba9eb989b688cf1c2fec2b9754692dcb1eba54b83b581ff260e42c11b8c56
-
SSDEEP
3072:VD3/9IRQR1K0miSmwTkkBPnvpaN0Dp/UKtyW8A2KJjRc3lclFwBjlGQbkySFvMuo:5P9IwIpkSPvGMyzAnQPBJ
Static task
static1
Malware Config
Extracted
asyncrat
| CRACKED BY https://t.me/xworm_v2
SERVER
asxyz.duckdns.org:52350
AsyncMutex_6SI6TOGjnk
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
OFICIO REMITENTE RDO 21200325-20024.svg
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-