Overview
overview
Score 10/10
Static
static
Score 1/10
282024-ENV...ON.exe
windows7-x64
Score 10/10
282024-ENV...ON.exe
windows10-2004-x64
Score 10/10
282024-ENV...c_.dll
windows7-x64
Score 3/10
282024-ENV...c_.dll
windows10-2004-x64
Score 3/10
282024-ENV...m_.dll
windows7-x64
Score 3/10
282024-ENV...m_.dll
windows10-2004-x64
Score 3/10
282024-ENV...t_.dll
windows7-x64
Score 3/10
282024-ENV...t_.dll
windows10-2004-x64
Score 3/10
282024-ENV...20.dll
windows7-x64
Score 3/10
282024-ENV...20.dll
windows10-2004-x64
Score 3/10
282024-ENV...20.dll
windows7-x64
Score 3/10
282024-ENV...20.dll
windows10-2004-x64
Score 3/10
General
-
Target
61627fbb6ba39b130c3a1b411095465e.001
-
Size
1.7MB
-
Sample
241028-yj5pjstlej
-
MD5
61627fbb6ba39b130c3a1b411095465e
-
SHA1
71fb1151f0f9549c38c832e1ca60ff818c35461a
-
SHA256
7c94e7fd2a9a7f37e26edddae640f56784df1f88d2b27200bcad7e79ccbb76c9
-
SHA512
c3d3cadf6e5fb2d73448d8553fba2cddb1ef4b9565417b68994d2ac262f06d840a1a62a807b25a464058639ba77d34ad560f1cd0f608668d6f4f771d34bbbfe8
-
SSDEEP
49152:iRg+8e3j5HAnHSctDPemze0TphkPcD8fHZ:a8elHSHtDPeae4p+PcD45
Static task
static1
Behavioral task
behavioral1
Sample
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/02 LEER NOTIFICACION.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/02 LEER NOTIFICACION.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/madbasic_.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/madbasic_.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/maddisAsm_.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/maddisAsm_.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/madexcept_.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/madexcept_.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/rtl120.dll
Resource
win7-20240708-en
Behavioral task
behavioral10
Sample
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/rtl120.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/vcl120.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/vcl120.dll
Resource
win10v2004-20241007-en
Malware Config
Extracted
asyncrat
| CRACKED BY https://t.me/xworm_v2
Default
envnue1024.duckdns.org:3013
AsyncMutex_6SI8OkPnk
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/02 LEER NOTIFICACION.exe
-
Size
163KB
-
MD5
0588ce0c39da3283e779c1d5b21d283b
-
SHA1
1f264a47972d63db2cde18dc8311bc46551380eb
-
SHA256
d5a6714ab95caa92ef1a712465a44c1827122b971bdb28ffa33221e07651d6f7
-
SHA512
a5f97ac156d081cb4d9b3f32948eea387725c88af0f19e8bc8db2058a19e211648b7fd86708ff5e1db8f7b57ca3ab8edeba771c9d684c53bcb228ca71adab02a
-
SSDEEP
3072:yK2FRsfrS8Ywp3GKJ7hDD/vRvDTX8QlevsqYau7j7/EecxurY:x1TSG/XT5Fau7pXk
-
Asyncrat family
-
Suspicious use of SetThreadContext
-
-
-
Target
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/madbasic_.bpl
-
Size
212KB
-
MD5
a734f2428443030c46db9ce3ab2e68a6
-
SHA1
1bf4d3e9b4bf1d801a348f2e46cc9887bae12998
-
SHA256
038511fc64801be03d8472a2f7a6ba8a27e0398cf876be1427c1463cf9190c80
-
SHA512
d829ea13a0d736bee3a788822f5c04e58deff6175da735c25b8031d19e9c3c6bfa40af6882b6e842ba466ba0a5d51c766310491d73261a842334215edf09b699
-
SSDEEP
6144:nN/kSQxE6qeM/k4qTl5L5e5+53WCG1CbF/Frfo:wqeM/k4qR5L5e5+53WulZo
Score 3/10
-
-
Target
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/maddisAsm_.bpl
-
Size
64KB
-
MD5
11efab4068cb4058207959e2638c2c1a
-
SHA1
b1eac0879dcda14bdc0c2efd7f261d7c175208c3
-
SHA256
11e3568f497c40331ee4a9e9973967e61b224e19204e09ed7451da3b74bd2ff5
-
SHA512
ced6167612674232429c25e52ba051994b09fdaeaf3316505904456ef8d7063f2eb03b5a158f0a424f0ecb49673e6a3d6b57d61183c5f8402da3fe53af0bd185
-
SSDEEP
1536:eNy3eqMne0sXB0IWtCLwEJhY0w1FwbiD7wlwei7:CqMnfIB04LwEJhY0w1UTnE
Score 3/10
-
-
Target
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/madexcept_.bpl
-
Size
438KB
-
MD5
562ec96d0f65b0309ad7508d0e0ced11
-
SHA1
0fe9dda664f4f8d9ae18603c5a25756710032a6f
-
SHA256
fb64a5954b726d2d0f0bc26113a36dc8a86c469af994ceeaf2e2609743a0a557
-
SHA512
876b82534764b2d156ce64d52771d38f245d330957287773f6b2360f48564b8d4a304449fa6f6400052165aaf433a191af2d3b38b194a9b1e892552dc0805fba
-
SSDEEP
6144:XlAz49EKhEV30F8sl88nTjQ4Q50gEcW/jd+o72niVUNMa4Yn2lZ:XlG4ut30F8slzYlQcW/jd++2nJ6u2lZ
Score 3/10
-
-
Target
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/rtl120.bpl
-
Size
1.1MB
-
MD5
d1a623ea5ab8c3531be70f0ab922c63f
-
SHA1
f4bede641cd2c98a3bbf764e19cf89ab194d4ee3
-
SHA256
9bc0d017fa727210f0bd2bf8f3f881e448d72b963c957385349060db5062ec19
-
SHA512
1b038bfc69616fdf57414081340f5bafee213a939337f1bcb1e362631ff45fcceb3326037523b484c9da7e59e971ae1d97a4385874c783febea6853b9175379f
-
SSDEEP
24576:Kbhp5FWbA1msvIRzM7Rk5JZzSQ4+Is2FjJL0lboo:72VJglboo
Score 3/10
-
-
Target
282024-ENVIO COPIA DE LA NOTIFICACION ELETRONICA-282024/vcl120.bpl
-
Size
1.9MB
-
MD5
9a438a75e68e88cdabc13074a17f8a52
-
SHA1
97c94801d37d249ece7ba9aca05703303fd9cf06
-
SHA256
ccccadde7393f1b624cde32b38274e60bbe65b1769d614d129babdaeef9a6715
-
SHA512
19d260505972b96c2e5ae0058a29f61e606e276779a80732dbee70f9223dbff51dcb1f5e4eff19206c300ee08e6060987171f5b83ad87fdd8f797e0e2db529fc
-
SSDEEP
24576:v2gt8PRUMggrgN/5tWw+eNVEXZB5SOCwhuuYY8RPyS9YEPI5yz6W:vRSf0Ww+NpPSyzYY8c8YEPI4+W
Score 3/10