General

  • Target

    08112024_0016_Envio_copia_de_la_Notificacion_electrnica_Demanda.tar.bin.tar.001

  • Size

    877KB

  • Sample

    241108-akxtbstlfq

  • MD5

    aba0a6150c27bf6b6cbb09df90231d6c

  • SHA1

    8ab34e36553eb096268a41bde67634ee1b1cb881

  • SHA256

    81239bd303b28a9e6d5da5436b83853a47e2e8ad26aac557060b92854f8e054c

  • SHA512

    98ef24afdbc9d1f449d596b86267c5509a19ec922a1fd5b69e0cc544d233f8f5e21b0566a12528764d6c9a72c9032b81b8e15e009c4942e7edb264cd30a5aa39

  • SSDEEP

    24576:kndL3EsYI69vH2MPbEUaWT5Oznx1TIFGO1UCFM:qDYI6ZdPbnaWT5Oznx1cP1UIM

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

en2025en.duckdns.org:3030

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Envio copia de la Notificacion electrnica Demanda/01 NOTIFICACION DEMANDA.exe

    • Size

      275KB

    • MD5

      b2d4b1d83945b5787d49a86c4f394e0c

    • SHA1

      334a5c434e5d5d0649f8224e449ca9aaf9ba6816

    • SHA256

      038d7b257b98421ad371189cf51d67f32ddad2de687c443a59ea74e4027bbf04

    • SHA512

      4e92c367991a30d81a718ef26e8e61d24a84d2b54b5d9c6555f319b186ed5bc29d03fb10929bdae4d37c4fe92b3c0be63ee1ed4b287df74af7644e65053222d5

    • SSDEEP

      6144:fONaSHaPlcCgYH9oYAd6q2vACSHaPlcCgYH9oY8HJF:fe969RTHGkIF69RTH6F

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Asyncrat family

    • Suspicious use of SetThreadContext

    • Target

      Envio copia de la Notificacion electrnica Demanda/mozglue.dll

    • Size

      194KB

    • MD5

      7404e6cc2d9f62c5e177c4635835a190

    • SHA1

      30b28ef884cf45a37c49cce8dbe6dcff540bce5f

    • SHA256

      330a56e3c9476794228aaea8eebf5cb9f8daef95fea79b6f8a400ff53cade354

    • SHA512

      2e55632e9badb5a69372897cd28927e498d33f603d7dbd7d0d34b3df3a1039e24184b0061b7b1d7420a0730d443df16fe239bcb77484a4602cc055fe4c4c732e

    • SSDEEP

      6144:y2IbQP+tRwQWlhAJRd6XcT4NJyFJNV34I64DTBoGMKayZ2JJJMpqmjJK:y2IbQMmjKgsT4NkD336QTWGM6pq6K

    Score
    3/10
    • Target

      Envio copia de la Notificacion electrnica Demanda/msvcp140.dll

    • Size

      427KB

    • MD5

      ff877a5dffd764197250bd4ba28496b1

    • SHA1

      187b8e183fc3331dd4ba139333886ad1fbf333a7

    • SHA256

      83f935454ae8e450b6f042509ecf28cceff95edb2495c63a782b9d45c2eaf1c0

    • SHA512

      b9245353f8a8bce6f443345daf50e135aa9d84bcce4dc5fd9279216b99bc6a1fa409292e110132ad815f303f36006610d6907e9fc778e94977beb2332481d03d

    • SSDEEP

      12288:RvYnQwEk3eLow3WEfQ+yggQWvHzDvKhOKjDhUgiW6QR7t5s03Ooc8dHkC2esqg:9YnQwELow3WSyLQWvHzLKhOKQ03Ooc8a

    Score
    3/10
    • Target

      Envio copia de la Notificacion electrnica Demanda/vcruntime140.dll

    • Size

      78KB

    • MD5

      1e6e97d60d411a2dee8964d3d05adb15

    • SHA1

      0a2fe6ec6b6675c44998c282dbb1cd8787612faf

    • SHA256

      8598940e498271b542f2c04998626aa680f2172d0ff4f8dbd4ffec1a196540f9

    • SHA512

      3f7d79079c57786051a2f7facfb1046188049e831f12b549609a8f152664678ee35ad54d1fff4447428b6f76bea1c7ca88fa96aab395a560c6ec598344fcc7fa

    • SSDEEP

      1536:FRk1rh/be3Z1bij+8xG+sQxzQF50I9VSHIecbWZOUXYOe0/zuvY:FRk/+Z1z8s+s+QrTmIecbWIA7//gY

    Score
    3/10
