General
-
Target
bdc23f3babee193e3e687c569381a32960a0812aa8ebf2384003077fd0e559dd
-
Size
2.8MB
-
Sample
241030-b6zeqaspas
-
MD5
cb508b68434e215cd55c3a7a144ddd91
-
SHA1
724f549698b06ad6c849ff63b2427df9afbe9d7e
-
SHA256
bdc23f3babee193e3e687c569381a32960a0812aa8ebf2384003077fd0e559dd
-
SHA512
21f2c61cbbde01ae5e979b0b1202ec4ea69672e09e7243c5e38e59747384484cc5b2756f9861e0fa509a3a51ecb9c66302fda81c353d2a552e1b804bf10d06e3
-
SSDEEP
49152:+HHh/RDSrAhWaoMxyR9J9MqcYsoas8epYVXv71c/KkKDCrG:+XUWWHOyLMrxFP+iRcmaG
Static task: static1

Behavioral task: behavioral1
Sample: DEMANDA LABORAL/01DEMANDA LABORAL JDUCIAL.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: DEMANDA LABORAL/01DEMANDA LABORAL JDUCIAL.exe
Resource: win10v2004-20241007-en

Behavioral task: behavioral3
Sample: DEMANDA LABORAL/madHcNet32.dll
Resource: win7-20241010-en

Behavioral task: behavioral4
Sample: DEMANDA LABORAL/madHcNet32.dll
Resource: win10v2004-20241007-en

Behavioral task: behavioral5
Sample: DEMANDA LABORAL/mvrSettings32.dll
Resource: win7-20241010-en

Behavioral task: behavioral6
Sample: DEMANDA LABORAL/mvrSettings32.dll
Resource: win10v2004-20241007-en

Behavioral task: behavioral7
Sample: DEMANDA LABORAL/unrar.dll
Resource: win7-20240903-en

Behavioral task: behavioral8
Sample: DEMANDA LABORAL/unrar.dll
Resource: win10v2004-20241007-en
Malware Config
Extracted
asyncrat
| CRACKED BY https://t.me/xworm_v2
WAR
warpower.dynuddns.net:7171
AsyncMutex_6SI8OkPnk
delay: 3
install: false
install_folder: %AppData%
Targets
-
-
Target
DEMANDA LABORAL/01DEMANDA LABORAL JDUCIAL.exe
-
Size
3.1MB
-
MD5
b841d408448f2a07f308ced1589e7673
-
SHA1
f5b5095c0ed69d42110df6d39810d12b1fa32a1e
-
SHA256
69a90665113bd73b30360d87f7f6ed2c789a90a67f3b6e86474e21273a64f699
-
SHA512
a689734048109ab7bec9491bbb7781686c19c7885166b3ca2975e2f49e956fcc388cd8ca85a4e5a8bf9efe6056f1e0d80197b7f521d4f0d4cadb10ba9ef1fa93
-
SSDEEP
49152:pvFg5qg9BtIAHE3SM4ahx6LK2SamuZob+tCjNrv8:Jm5qGBHBLRKuZfkjNrv8
-
Asyncrat family
-
Suspicious use of SetThreadContext
-
-
-
Target
DEMANDA LABORAL/madHcNet32.dll
-
Size
921KB
-
MD5
d22b9da713ab36102c9c3d812af8c12d
-
SHA1
371fdbf6ae6a9a2e5c0560fc94eba3290028a252
-
SHA256
95b538b47e02d0ad2bd15d47efc18695d5e379ef61568b81ef405773d9c199bb
-
SHA512
e5ae51f79403358af60bb3ea663251badac57414813f5537d763b0b95504a393fb2d34c94c4b7328ec13f58e74a7147d3a72e63e62973c4c5d80671be1c8face
-
SSDEEP
24576:TlUbWq3/gquYUJ4Vgv0eUnDaE0efxfXT95:pUR4quYUJ4VgceXE0gxfjv
Score 3/10
-
-
Target
DEMANDA LABORAL/mvrSettings32.dll
-
Size
1.0MB
-
MD5
d168f18b79f9f33690f011d1deb1e7cf
-
SHA1
cf0d984ce101ec274e65e88fae07daeb26de5a6d
-
SHA256
b7d3bc460a17e1b43c9ff09786e44ea4033710538bdb539400b55e5b80d0b338
-
SHA512
bbf085bcbc3c1c98caba95bdf48051bac18bbd1b7314c7bb55b56e3d423fb34758cc239c237091486cc466123bf02844eaac3b4435cb535af25dc2bca625af71
-
SSDEEP
12288:1wsE8YWuTCipwKm3ZCdX+y0Cg57ZrVmK5UhYX5NN/u3ZeEb+LJkguVl1Y1e:XIWuFKKVuig5jZ5xX5P2bKyguJf
Score 3/10
-
-
Target
DEMANDA LABORAL/unrar.dll
-
Size
304KB
-
MD5
51865d714d444e677aa12adc8a399562
-
SHA1
25530deaaff17369664eb69a0f1ef0d70ee14f0f
-
SHA256
b7e2213b88952fec525517007e21273b515e38edd029e2672adc51c2927a0ba5
-
SHA512
17b07c7d31fc166dc06e418103b0c9c0a4c67b153347658c279f91b5d36fa92a50c1074f120fd3bedef5ac3bc38f00586401ac68830d052ed35afe80cc70dea8
-
SSDEEP
6144:qB6wDaKov/5qrawOZI8uN0f/UVvN3MwdZAmiVQL+O6j:qBNo35qrawqmG/yM86mim+Ou
Score 3/10