General
Target: YDRAY-232024-LEER-NOTIFICACIONDEMANDA-LABORAL-55214.tar.rar.CAB.tar.001
Size: 1.4MB
Sample: 241025-qb13ds1arr
MD5: 54076a175f89882a5967970d77744920
SHA1: 0ba27693872549b12bab2e23a4fd73352a31e2ed
SHA256: 6f2e4e8901e5746c7ac53435e1d32b9765641ed56b713ab6691fcc58d6ac1b64
SHA512: 7af02f4d5835a83c71f41f83a7fb23a63bcff6c3d569c065dcbaafa08a2b00919024c3f0b9aa53f78c4110219fd861d1777b019c0430655bea1972a2199c8bf9
SSDEEP: 24576:GF6qby6A8/PNyJbMdW1Z+2gmSgG18n7rGmcleYqHXr95j2quImVdchm23alh5evb:S672UokZemZvGBxir95j23IQdipKnO+E
Static task: static1
Behavioral task: behavioral1
Sample: 232024-LEER NOTIFICACIONDEMANDA LABORAL-55214/02 LEER DEMANDA LABORAL.exe
Resource: win7-20240903-en
Malware Config
Extracted
asyncrat
| CRACKED BY https://t.me/xworm_v2
Default
envio122344.duckdns.org:3030
AsyncMutex_6SI8OkPnk
delay: 3
install: false
install_folder: %AppData%
Targets
Target: 232024-LEER NOTIFICACIONDEMANDA LABORAL-55214/02 LEER DEMANDA LABORAL.exe
Size: 1.2MB
MD5: f778e9136ab0db9de9802a7043de50a7
SHA1: 850dca074534a14fdb9ada6afaceea88558764e0
SHA256: 90803a583e9f693de5e7b8a196832436f6f648b27fb82e55904c256f30cc8b3a
SHA512: cd6c5c3537f05ad5826d503e38b8e6ef2eaf668616bec15ba51ad3d81e0337a72779d7ca6af9e8ebee12d713891b30c0b73bf34718552bc9f4e7d8909b998156
SSDEEP: 24576:+heavSigvk0vhkzswHD4/V3OQdnYKYc4wXUyuy1:qP710vezrj4dJYFYUyuy1
Asyncrat family
Suspicious use of SetThreadContext