General

  • Target

    61627fbb6ba39b130c3a1b411095465e.001

  • Size

    1.7MB

  • Sample

    241028-yj5pjstlej

  • MD5

    61627fbb6ba39b130c3a1b411095465e

  • SHA1

    71fb1151f0f9549c38c832e1ca60ff818c35461a

  • SHA256

    7c94e7fd2a9a7f37e26edddae640f56784df1f88d2b27200bcad7e79ccbb76c9

  • SHA512

    c3d3cadf6e5fb2d73448d8553fba2cddb1ef4b9565417b68994d2ac262f06d840a1a62a807b25a464058639ba77d34ad560f1cd0f608668d6f4f771d34bbbfe8

  • SSDEEP

    49152:iRg+8e3j5HAnHSctDPemze0TphkPcD8fHZ:a8elHSHtDPeae4p+PcD45

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

envnue1024.duckdns.org:3013

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain
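The extracted config above is the most reusable part of the report: the C2 is a DuckDNS dynamic-DNS name (so the hostname and port, not the resolved IP, are the stable indicators), the mutex is the exact object name the client creates to avoid running twice, and the Version field carries a cracked-builder tag rather than a version number. In the AsyncRAT client, delay is the number of seconds it sleeps before starting and install gates the self-copy to install_folder plus the persistence it sets up, so with install set to false the %AppData% value is expected to go unused. The following Python is an added example, not part of the sandbox report: it parses the report's key/value config text into a typed structure and matches constructed host telemetry (DNS queries, network connections, mutex creations, in an invented tuple shape) against the resulting IOCs.

```python
"""Normalise the extracted AsyncRAT config into IOCs and match host telemetry
against them. Added example, not part of the sandbox report; the config text is
copied from the report's 'Extracted' block and the telemetry events are
constructed for illustration."""
from dataclasses import dataclass
from typing import List, Tuple

# Copied from the report: the extractor emits alternating key / value lines.
REPORT_CONFIG = """
Family
asyncrat
Version
| CRACKED BY https://t.me/xworm_v2
Botnet
Default
C2
envnue1024.duckdns.org:3013
Mutex
AsyncMutex_6SI8OkPnk
Attributes
delay
3
install
false
install_folder
%AppData%
"""

SCALAR_KEYS = {"Family", "Version", "Botnet", "C2", "Mutex",
               "delay", "install", "install_folder"}


@dataclass
class AsyncRatConfig:
    family: str
    version: str
    botnet: str
    c2: List[Tuple[str, int]]   # (host, port) pairs
    mutex: str                  # exact, case-sensitive Windows object name
    delay: int                  # seconds the client sleeps before starting
    install: bool               # whether the client copies itself and persists
    install_folder: str         # only used when install is true


def parse_config(text: str) -> AsyncRatConfig:
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    raw = {}
    i = 0
    while i < len(lines):
        key = lines[i]
        if key in SCALAR_KEYS and i + 1 < len(lines):
            raw[key] = lines[i + 1]
            i += 2
        else:                    # section header ("Attributes") or stray line
            i += 1
    c2 = []
    for entry in raw.get("C2", "").split(","):   # AsyncRAT allows several C2s
        host, _, port = entry.strip().rpartition(":")
        if host and port.isdigit():
            c2.append((host.lower(), int(port)))
    return AsyncRatConfig(
        family=raw.get("Family", "").lower(),
        version=raw.get("Version", ""),
        botnet=raw.get("Botnet", ""),
        c2=c2,
        mutex=raw.get("Mutex", ""),
        delay=int(raw.get("delay", "0")),
        install=raw.get("install", "false").lower() == "true",
        install_folder=raw.get("install_folder", ""),
    )


# Constructed telemetry in the shape a DNS / network / object-creation feed
# might give: (event_type, value). Includes noise and a near-miss on purpose.
TELEMETRY = [
    ("dns_query", "envnue1024.duckdns.org"),
    ("net_connect", "envnue1024.duckdns.org:3013"),
    ("mutex_create", "AsyncMutex_6SI8OkPnk"),
    ("dns_query", "updates.example.invalid"),
    ("net_connect", "envnue1024.duckdns.org:443"),
]


def match_events(cfg: AsyncRatConfig, events) -> List[Tuple[str, str, str]]:
    """Return (event_type, value, reason) for every event that hits an IOC."""
    hosts = {h for h, _ in cfg.c2}
    endpoints = {f"{h}:{p}" for h, p in cfg.c2}
    hits = []
    for kind, value in events:
        if kind == "dns_query" and value.lower() in hosts:
            hits.append((kind, value, "c2_host"))
        elif kind == "net_connect":
            host, _, _ = value.lower().rpartition(":")
            if value.lower() in endpoints:
                hits.append((kind, value, "c2_endpoint"))
            elif host in hosts:   # same host, different port: still worth a look
                hits.append((kind, value, "c2_host_other_port"))
        elif kind == "mutex_create" and value == cfg.mutex:
            hits.append((kind, value, "mutex"))
    return hits


if __name__ == "__main__":
    cfg = parse_config(REPORT_CONFIG)
    for hit in match_events(cfg, TELEMETRY):
        print(hit)
```

Hostnames are compared case-insensitively because DNS is; the mutex is compared exactly because Windows object names are case-sensitive. The "same host, other port" branch is deliberate: operators move ports more often than they move dynamic-DNS names.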

Targets

    • Target

      282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/02 LEER NOTIFICACION.exe

    • Size

      163KB

    • MD5

      0588ce0c39da3283e779c1d5b21d283b

    • SHA1

      1f264a47972d63db2cde18dc8311bc46551380eb

    • SHA256

      d5a6714ab95caa92ef1a712465a44c1827122b971bdb28ffa33221e07651d6f7

    • SHA512

      a5f97ac156d081cb4d9b3f32948eea387725c88af0f19e8bc8db2058a19e211648b7fd86708ff5e1db8f7b57ca3ab8edeba771c9d684c53bcb228ca71adab02a

    • SSDEEP

      3072:yK2FRsfrS8Ywp3GKJ7hDD/vRvDTX8QlevsqYau7j7/EecxurY:x1TSG/XT5Fau7pXk

    • AsyncRat

      AsyncRAT is a remote access trojan written in C#, designed to remotely monitor and control other computers.

    • Asyncrat family

    • Suspicious use of SetThreadContext

    • Target

      282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/madbasic_.bpl

    • Size

      212KB

    • MD5

      a734f2428443030c46db9ce3ab2e68a6

    • SHA1

      1bf4d3e9b4bf1d801a348f2e46cc9887bae12998

    • SHA256

      038511fc64801be03d8472a2f7a6ba8a27e0398cf876be1427c1463cf9190c80

    • SHA512

      d829ea13a0d736bee3a788822f5c04e58deff6175da735c25b8031d19e9c3c6bfa40af6882b6e842ba466ba0a5d51c766310491d73261a842334215edf09b699

    • SSDEEP

      6144:nN/kSQxE6qeM/k4qTl5L5e5+53WCG1CbF/Frfo:wqeM/k4qR5L5e5+53WulZo

    Score
    3/10
    • Target

      282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/maddisAsm_.bpl

    • Size

      64KB

    • MD5

      11efab4068cb4058207959e2638c2c1a

    • SHA1

      b1eac0879dcda14bdc0c2efd7f261d7c175208c3

    • SHA256

      11e3568f497c40331ee4a9e9973967e61b224e19204e09ed7451da3b74bd2ff5

    • SHA512

      ced6167612674232429c25e52ba051994b09fdaeaf3316505904456ef8d7063f2eb03b5a158f0a424f0ecb49673e6a3d6b57d61183c5f8402da3fe53af0bd185

    • SSDEEP

      1536:eNy3eqMne0sXB0IWtCLwEJhY0w1FwbiD7wlwei7:CqMnfIB04LwEJhY0w1UTnE

    Score
    3/10
    • Target

      282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/madexcept_.bpl

    • Size

      438KB

    • MD5

      562ec96d0f65b0309ad7508d0e0ced11

    • SHA1

      0fe9dda664f4f8d9ae18603c5a25756710032a6f

    • SHA256

      fb64a5954b726d2d0f0bc26113a36dc8a86c469af994ceeaf2e2609743a0a557

    • SHA512

      876b82534764b2d156ce64d52771d38f245d330957287773f6b2360f48564b8d4a304449fa6f6400052165aaf433a191af2d3b38b194a9b1e892552dc0805fba

    • SSDEEP

      6144:XlAz49EKhEV30F8sl88nTjQ4Q50gEcW/jd+o72niVUNMa4Yn2lZ:XlG4ut30F8slzYlQcW/jd++2nJ6u2lZ

    Score
    3/10
    • Target

      282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/rtl120.bpl

    • Size

      1.1MB

    • MD5

      d1a623ea5ab8c3531be70f0ab922c63f

    • SHA1

      f4bede641cd2c98a3bbf764e19cf89ab194d4ee3

    • SHA256

      9bc0d017fa727210f0bd2bf8f3f881e448d72b963c957385349060db5062ec19

    • SHA512

      1b038bfc69616fdf57414081340f5bafee213a939337f1bcb1e362631ff45fcceb3326037523b484c9da7e59e971ae1d97a4385874c783febea6853b9175379f

    • SSDEEP

      24576:Kbhp5FWbA1msvIRzM7Rk5JZzSQ4+Is2FjJL0lboo:72VJglboo

    Score
    3/10
    • Target

      282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/vcl120.bpl

    • Size

      1.9MB

    • MD5

      9a438a75e68e88cdabc13074a17f8a52

    • SHA1

      97c94801d37d249ece7ba9aca05703303fd9cf06

    • SHA256

      ccccadde7393f1b624cde32b38274e60bbe65b1769d614d129babdaeef9a6715

    • SHA512

      19d260505972b96c2e5ae0058a29f61e606e276779a80732dbee70f9223dbff51dcb1f5e4eff19206c300ee08e6060987171f5b83ad87fdd8f797e0e2db529fc

    • SSDEEP

      24576:v2gt8PRUMggrgN/5tWw+eNVEXZB5SOCwhuuYY8RPyS9YEPI5yz6W:vRSf0Ww+NpPSyzYY8c8YEPI4+W

    Score
    3/10
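The report records the submitted split-archive part (the .001 file) and each file unpacked from it separately, with its own MD5, SHA-1, SHA-256 and SHA-512. Before pivoting on any of them, confirm that the file you hold is the one the report describes; SHA-256 is the value to pivot on, while MD5 and SHA-1 are worth keeping only as lookup keys for older feeds, since neither is collision-resistant. The same check applies to the .bpl companions the report scores 3/10. The following Python is an added example, not part of the report: it hashes a file in one pass with all four algorithms and compares the result with a record copied from the "02 LEER NOTIFICACION.exe" entry; the bytes used in the test are constructed.

```python
"""Check a file on disk against the hash record the report gives for a target.
Added example, not part of the report; the expected record is copied from the
'02 LEER NOTIFICACION.exe' entry and any bytes fed in by a test are constructed."""
import hashlib
import sys
from typing import Dict, Iterable

ALGOS = ("md5", "sha1", "sha256", "sha512")

# Copied from the report's target entry for the unpacked executable.
REPORT_RECORD = {
    "md5": "0588ce0c39da3283e779c1d5b21d283b",
    "sha1": "1f264a47972d63db2cde18dc8311bc46551380eb",
    "sha256": "d5a6714ab95caa92ef1a712465a44c1827122b971bdb28ffa33221e07651d6f7",
    "sha512": "a5f97ac156d081cb4d9b3f32948eea387725c88af0f19e8bc8db2058a19e211648b7fd86708ff5e1db8f7b57ca3ab8edeba771c9d684c53bcb228ca71adab02a",
}


def multi_hash(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Single pass over the data, all digests updated together."""
    hashers = {name: hashlib.new(name) for name in ALGOS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def iter_file(path: str, chunk_size: int = 1 << 20) -> Iterable[bytes]:
    """Stream the file so multi-gigabyte samples do not have to fit in memory."""
    with open(path, "rb") as fh:
        while chunk := fh.read(chunk_size):
            yield chunk


def verify(actual: Dict[str, str], expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm result; a record may list only some of the algorithms."""
    return {name: actual[name] == expected[name].strip().lower()
            for name in ALGOS if name in expected}


def verify_bytes(data: bytes, expected: Dict[str, str]) -> Dict[str, bool]:
    return verify(multi_hash([data]), expected)


def verify_path(path: str, expected: Dict[str, str]) -> Dict[str, bool]:
    return verify(multi_hash(iter_file(path)), expected)


if __name__ == "__main__":
    # Usage: python verify_hashes.py <file>   (exit status 1 on any mismatch)
    result = verify_path(sys.argv[1], REPORT_RECORD)
    for name, ok in result.items():
        print(f"{name:7s} {'match' if ok else 'MISMATCH'}")
    sys.exit(0 if all(result.values()) else 1)
```

A mismatch on every algorithm usually means a different file, most often the archive part instead of the unpacked executable; a mismatch on only one algorithm means the record itself was copied wrongly and should be re-read from the report.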

MITRE ATT&CK Enterprise v15

Tasks