General

  • Target

    bdc23f3babee193e3e687c569381a32960a0812aa8ebf2384003077fd0e559dd

  • Size

    2.8MB

  • Sample

    241030-b6zeqaspas

  • MD5

    cb508b68434e215cd55c3a7a144ddd91

  • SHA1

    724f549698b06ad6c849ff63b2427df9afbe9d7e

  • SHA256

    bdc23f3babee193e3e687c569381a32960a0812aa8ebf2384003077fd0e559dd

  • SHA512

    21f2c61cbbde01ae5e979b0b1202ec4ea69672e09e7243c5e38e59747384484cc5b2756f9861e0fa509a3a51ecb9c66302fda81c353d2a552e1b804bf10d06e3

  • SSDEEP

    49152:+HHh/RDSrAhWaoMxyR9J9MqcYsoas8epYVXv71c/KkKDCrG:+XUWWHOyLMrxFP+iRcmaG

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

WAR

C2

warpower.dynuddns.net:7171

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      DEMANDA LABORAL/01DEMANDA LABORAL JDUCIAL.exe

    • Size

      3.1MB

    • MD5

      b841d408448f2a07f308ced1589e7673

    • SHA1

      f5b5095c0ed69d42110df6d39810d12b1fa32a1e

    • SHA256

      69a90665113bd73b30360d87f7f6ed2c789a90a67f3b6e86474e21273a64f699

    • SHA512

      a689734048109ab7bec9491bbb7781686c19c7885166b3ca2975e2f49e956fcc388cd8ca85a4e5a8bf9efe6056f1e0d80197b7f521d4f0d4cadb10ba9ef1fa93

    • SSDEEP

      49152:pvFg5qg9BtIAHE3SM4ahx6LK2SamuZob+tCjNrv8:Jm5qGBHBLRKuZfkjNrv8

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Asyncrat family

    • Suspicious use of SetThreadContext

    • Target

      DEMANDA LABORAL/madHcNet32.dll

    • Size

      921KB

    • MD5

      d22b9da713ab36102c9c3d812af8c12d

    • SHA1

      371fdbf6ae6a9a2e5c0560fc94eba3290028a252

    • SHA256

      95b538b47e02d0ad2bd15d47efc18695d5e379ef61568b81ef405773d9c199bb

    • SHA512

      e5ae51f79403358af60bb3ea663251badac57414813f5537d763b0b95504a393fb2d34c94c4b7328ec13f58e74a7147d3a72e63e62973c4c5d80671be1c8face

    • SSDEEP

      24576:TlUbWq3/gquYUJ4Vgv0eUnDaE0efxfXT95:pUR4quYUJ4VgceXE0gxfjv

    Score
    3/10
    • Target

      DEMANDA LABORAL/mvrSettings32.dll

    • Size

      1.0MB

    • MD5

      d168f18b79f9f33690f011d1deb1e7cf

    • SHA1

      cf0d984ce101ec274e65e88fae07daeb26de5a6d

    • SHA256

      b7d3bc460a17e1b43c9ff09786e44ea4033710538bdb539400b55e5b80d0b338

    • SHA512

      bbf085bcbc3c1c98caba95bdf48051bac18bbd1b7314c7bb55b56e3d423fb34758cc239c237091486cc466123bf02844eaac3b4435cb535af25dc2bca625af71

    • SSDEEP

      12288:1wsE8YWuTCipwKm3ZCdX+y0Cg57ZrVmK5UhYX5NN/u3ZeEb+LJkguVl1Y1e:XIWuFKKVuig5jZ5xX5P2bKyguJf

    Score
    3/10
    • Target

      DEMANDA LABORAL/unrar.dll

    • Size

      304KB

    • MD5

      51865d714d444e677aa12adc8a399562

    • SHA1

      25530deaaff17369664eb69a0f1ef0d70ee14f0f

    • SHA256

      b7e2213b88952fec525517007e21273b515e38edd029e2672adc51c2927a0ba5

    • SHA512

      17b07c7d31fc166dc06e418103b0c9c0a4c67b153347658c279f91b5d36fa92a50c1074f120fd3bedef5ac3bc38f00586401ac68830d052ed35afe80cc70dea8

    • SSDEEP

      6144:qB6wDaKov/5qrawOZI8uN0f/UVvN3MwdZAmiVQL+O6j:qBNo35qrawqmG/yM86mim+Ou

    Score
    3/10
