asyncrat | 0fccb88dd106638ef91db078bb6534849cc1b12f68bb1a08a70db89d338a10f0

Sharing

Copy URL

Twitter E-mail

General

Target

0fccb88dd106638ef91db078bb6534849cc1b12f68bb1a08a70db89d338a10f0
Size

26.0MB
Sample

241110-rxprxssjak
MD5

6a6b53119f5ebcfe8972320273a42a58
SHA1

751f4a806870c7d09fdc7c31145d9b5acb4d3234
SHA256

0fccb88dd106638ef91db078bb6534849cc1b12f68bb1a08a70db89d338a10f0
SHA512

4d14788233ddd645b9d874c0e1b38aa0d94231f6e49a0a2c2238da30ef1b51d2b12475057e2098c02091128cad56ea129ef21ed029be443515ea14e2d13659fd
SSDEEP

786432:X5X23QgeyHQxdT2cqWdmUlzFvXCif1+uHKQhTTPNredaC:pX23QghE98WdmIFSm/oZ

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Botnet

Default

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

https://api.telegram.org/bot6133753310:AAHOsvlWQDP23zggObP6jfcNHkvhUg1zl1k/sendMessage?chat_id=5876226574

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  XWorm_V3.1/FastColoredTextBox.dll
- Size
  
  333KB
- MD5
  
  b746707265772b362c0ba18d8d630061
- SHA1
  
  4b185e5f68c00bef441adb737d0955646d4e569a
- SHA256
  
  3701b19ccdac79b880b197756a972027e2ac609ebed36753bd989367ea4ef519
- SHA512
  
  fd67f6c55940509e8060da53693cb5fbac574eb1e79d5bd8f9bbd43edbd05f68d5f73994798a0eed676d3e583e1c6cde608b54c03604b3818520fa18ad19aec8
- SSDEEP
  
  6144:4FErOIif3RzSHh+20lXs1TzCeBcQeDbNlz7:eEeR52bmeh0n
Score

1^/10
behavioral1 behavioral2
- Target
  
  XWorm_V3.1/Fixer.bat
- Size
  
  122B
- MD5
  
  2dabc46ce85aaff29f22cd74ec074f86
- SHA1
  
  208ae3e48d67b94cc8be7bbfd9341d373fa8a730
- SHA256
  
  a11703fd47d16020fa099a95bb4e46247d32cf8821dc1826e77a971cdd3c4c55
- SHA512
  
  6a50b525bc5d8eb008b1b0d704f9942f72f1413e65751e3de83d2e16ef3cf02ef171b9da3fff0d2d92a81daac7f61b379fcf7a393f46e914435f6261965a53b3
Score

1^/10
behavioral3 behavioral4
- Target
  
  XWorm_V3.1/GMap.NET.Core.dll
- Size
  
  2.9MB
- MD5
  
  819352ea9e832d24fc4cebb2757a462b
- SHA1
  
  aba7e1b29bdcd0c5a307087b55c2ec0c7ca81f11
- SHA256
  
  58c755fcfc65cddea561023d736e8991f0ad69da5e1378dea59e98c5db901b86
- SHA512
  
  6a5b0e1553616ea29ec72c12072ae05bdd709468a173e8adbdfe391b072c001ecacb3dd879845f8d599c6152eca2530cdaa2c069b1f94294f778158eaaebe45a
- SSDEEP
  
  49152:ot12Gb/hz7ZsK9qY5uyUW57VC4IB1+fXhQ1hyCzMw/22fSg7gjxhUE/nbTC0xemh:oLbteKb57W1+PhQ1HM1gmJ/SZmh
Score

1^/10
behavioral5 behavioral6
- Target
  
  XWorm_V3.1/GMap.NET.WindowsForms.dll
- Size
  
  147KB
- MD5
  
  32a8742009ffdfd68b46fe8fd4794386
- SHA1
  
  de18190d77ae094b03d357abfa4a465058cd54e3
- SHA256
  
  741e1a8f05863856a25d101bd35bf97cba0b637f0c04ecb432c1d85a78ef1365
- SHA512
  
  22418d5e887a6022abe8a7cbb0b6917a7478d468d211eecd03a95b8fb6452fc59db5178573e25d5d449968ead26bb0b2bfbfada7043c9a7a1796baca5235a82b
- SSDEEP
  
  3072:k1GmgYqIY/0YSDBRGlDUqL63budipxj64m8HWYh3vHbFwMhLJSb+:lIO6rGloqL63qW62lJ
Score

1^/10
behavioral7 behavioral8
- Target
  
  XWorm_V3.1/IconExtractor.dll
- Size
  
  10KB
- MD5
  
  640d8ffa779c6dd5252a262e440c66c0
- SHA1
  
  3252d8a70a18d5d4e0cc84791d587dd12a394c2a
- SHA256
  
  440912d85d2f98bb4f508ab82847067c18e1e15be0d8ecdcff0cc19327527fc2
- SHA512
  
  e12084f87bd46010aded22be30e902c5269a6f6bc88286d3bef17c71d070b17beada0fe9e691a2b2f76202b5f9265329f6444575f89aff8551c486eafe4d5f32
- SSDEEP
  
  192:7f77J4cGYyfQknxLvIgyLY5xJeU5pPpZlEAs:HS2yINgyLYLJR5wl
Score

1^/10
behavioral10 behavioral9
- Target
  
  XWorm_V3.1/NAudio.dll
- Size
  
  502KB
- MD5
  
  3b87d1363a45ce9368e9baec32c69466
- SHA1
  
  70a9f4df01d17060ec17df9528fca7026cc42935
- SHA256
  
  81b3f1dc3f1eac9762b8a292751a44b64b87d0d4c3982debfdd2621012186451
- SHA512
  
  1f07d3b041763b4bc31f6bd7b181deb8d34ff66ec666193932ffc460371adbcd4451483a99009b9b0b71f3864ed5c15c6c3b3777fabeb76f9918c726c35eb7d7
- SSDEEP
  
  6144:96/i10SZtfzWctj98vZcE0wmLlaIZs5eku2sX2hrjAzvgmXa6W9FwsT9idwktQZG:9yrSKMJR9aGs55T1X9Fwspi2tGpmS
Score

1^/10
behavioral11 behavioral12
- Target
  
  XWorm_V3.1/Plugins/ActiveWindows.dll
- Size
  
  14KB
- MD5
  
  abf694ddb10c63e5205444b442e49706
- SHA1
  
  8d9d2beba8240b2795b6113db9a158219e63ffeb
- SHA256
  
  5679768b449a8e59b5a9ad8eb6e9fcd7e03c70869da8fd7b6cec5e948aac56b1
- SHA512
  
  63c44c10b88f2a2655887a93b1f4b2288f99d2ae3622ff7f62a9edf4ff9325ebb66e16215572fe896e46fc335364b203f632124e9409b9f863189306a9499f30
- SSDEEP
  
  384:IqIGejCUccJeGCJWM2YFegdT8Ft0Y7XZ316DMz:IqIGeXcWrCJ+EtYZ316Du
Score

1^/10
behavioral13 behavioral14
- Target
  
  XWorm_V3.1/Plugins/All-In-One.dll
- Size
  
  4.8MB
- MD5
  
  8b462f2be3497eb66347a6047180d759
- SHA1
  
  601974b1547653fa38f84a5e2b6cef1d4a4214ca
- SHA256
  
  effaa01f092dda8351e6f4a4a1bc651acf91865a4f512a3a336b7e6fea495bda
- SHA512
  
  6fb8226192277cfda113805154cf83c01590db1b159add775d21db0101b8c5b45847ceef27f105d0275b1b1dc692cc5774f7777795ae8e832301836bed5d4843
- SSDEEP
  
  98304:nl19F9QORkChiDC9OtH7c2iwGxIvPBOw0JefVfQ2a5cFd4KssODtd:z9FPRkC8C9OH7c2ilInz0kfVo26Wsd
Score

1^/10
behavioral15 behavioral16
- Target
  
  XWorm_V3.1/Plugins/Chat.dll
- Size
  
  18KB
- MD5
  
  a25cbb61fadacf30d8e4b638c097d30b
- SHA1
  
  ba3ba796c8dfc5e802179c1a85ebdaab0ed35c78
- SHA256
  
  185efd0dda1032e4e738b674877bb2c0de931b02f69057d6ee00914f9b8f6db7
- SHA512
  
  7dc53503402c69e9d659de45993ceffdf61824d853eb55fda921469f683df2f6ba44f76ec1462d5614a8cafd95e976615d4cd94e28c068eed22e56ed5ab67826
- SSDEEP
  
  384:zUeLD8aDbXCtSeEd3uq7uQZRHUrwTKvt0GIKoIDfiUWGfZ:+kbCtSeE5uq7uQYr0HIDfiX6
Score

1^/10
behavioral17 behavioral18
- Target
  
  XWorm_V3.1/Plugins/Clipboard.dll
- Size
  
  14KB
- MD5
  
  3873c7a085d349ee7d80f19a1d04466a
- SHA1
  
  df563f40438603db051e97ba5d15b8d064eaa918
- SHA256
  
  6e6d2010f02c4a2b8372ed98728e68d740d262df05be811942e26229f21af1b9
- SHA512
  
  12a806f5f035c69fe4ed3859cb42e1441924185d40c23c026a57ce052c9a4060bc1d5fb7d289db4d94be093fbb763075cd667c6db5aee3541defd076c5163b2d
- SSDEEP
  
  192:kAXyVpJlyIxlioHESRJ29u+6ZWSYASO3tOXXgNTen1i9iY6IW1mX/60/jAqEM7RL:kXVpuoHpMDfAR98STe1oi2X/6xMrwU
Score

1^/10
behavioral19 behavioral20
- Target
  
  XWorm_V3.1/Plugins/FileManager.dll
- Size
  
  27KB
- MD5
  
  35e01d48dc293c1ee38fb76a001fc6fd
- SHA1
  
  36b5ec73b188bed24e8549f1f9244acc89e2ecc7
- SHA256
  
  4da7b92dd81ff96931aa9012eabaa0878d13c78dc3cd840b102ce7e15fec4b7b
- SHA512
  
  210260c3802c21a48f84bc5c865d4b8fd804258d160ca8d20032e32650f4e197a650463e6cb56e7b459b6043046be17b146d26a4ee41b0e215c842ba5ecf6cd3
- SSDEEP
  
  384:tp4K215dISbc/TY0mN1PGDQXSBJVYol/tF37enOAkxqb8cq/hsutzgk/b7oBxkpE:h21vWk0yPGsXAr7dtRKPb8V3dmjC0b
Score

1^/10
behavioral21 behavioral22
- Target
  
  XWorm_V3.1/Plugins/FileSeacher.dll
- Size
  
  478KB
- MD5
  
  f7bea87f295d1d4284ae396a822950a0
- SHA1
  
  d8c7bdac70c147dfc1432b6794a821d9b07d720a
- SHA256
  
  1d97563568c011b93d3149bfd062d81647b1ccb9ab87b270e39a518d108f77d1
- SHA512
  
  8061d47255769a398d4a1f608260c211de4be71d3475d4284f0df881b371de172cc334f323ad4bb9d702ceac6de0ae700f3006d9c2e383bd41f1742d0ae8b2e9
- SSDEEP
  
  6144:zPv5T5fIIC8W8XqeGtSV41QJDsTDDh0Yhe6dwxLV/vuhgS0mkdwcG:znfIICLlS4Ys50ie6CfigSjE
Score

1^/10
behavioral23 behavioral24
- Target
  
  XWorm_V3.1/Plugins/HRDP.dll
- Size
  
  1.7MB
- MD5
  
  144178b1a4f5e6b19b01a272d29a2f0b
- SHA1
  
  0af94d62ac2e0c9db3f9d7054382c5226efd21f5
- SHA256
  
  52ebcc3cd12ee6ce2274cc289386beb7a9dc31a4a2b583dbab5495b67b32ca27
- SHA512
  
  928b0dd4c9cc0c4edb8d64acdc6dd8e9c92951af2bd218ffd0f5991109133b4b30bdbabe4f4762b8d14f9c15ecde716404cfc036ece4d7b2d6db159428ad7fb9
- SSDEEP
  
  24576:brKxoVT2iXc+IZ++6WiaTAsN/3ebTvK+63CWH8iA/iD2hgPjcC8SVdKumYr7:6HZ5pdqYH8ia6GcKuR7
Score

1^/10
behavioral25 behavioral26
- Target
  
  XWorm_V3.1/Plugins/HVNC.dll
- Size
  
  58KB
- MD5
  
  9dfed469828dc9a5ec89e3cd21d5b74a
- SHA1
  
  8422ba84ef565ad495958249bc940b527e9c9460
- SHA256
  
  8918b5549441692917ab504e1ad9455d8e62eff189becadee048e6c1493d1bbb
- SHA512
  
  ce8bdb7e820c3d910c3a6232552e2a576a4c03cc128dd6d4eba5b48f3b1ff397e0abc9918e0f08d550962b81e69dfb3cab579a2ac81e2c57658da2c35a9be9f8
- SSDEEP
  
  1536:8SheTaT7z12BWR74mdItPighZ+7YvgxBFQ:jheTKz12BWR76BhbynQ
Score

1^/10
behavioral27 behavioral28
- Target
  
  XWorm_V3.1/Plugins/Informations.dll
- Size
  
  22KB
- MD5
  
  da772b035ae5b347de1b17e2e24463dc
- SHA1
  
  5ba3cdaf6e33c58cfd8ccecbe14310a035e00523
- SHA256
  
  88569d549e184ef63f2c2ae4e3c3adc9d957296b6a67cf0ee94287d681cc0934
- SHA512
  
  ba396154e899dca31312ab9e2a14682aed0a51b5d45db4b0c72efad5cd74767c5bde2bf90099bd886a52adcdf8abb66ff16dcd992ed6a7598ce49e3afaa95922
- SSDEEP
  
  384:DnQf5APE80e6vkD7RQQpOJXWn3TmoNhxJNSOFD45fZ41:DnQfGPEOD7vcJKj3NSRZQ
Score

1^/10
behavioral29 behavioral30
- Target
  
  XWorm_V3.1/Plugins/Keylogger.dll
- Size
  
  17KB
- MD5
  
  84e36d752271a46310b0afb8482a08ce
- SHA1
  
  2e922c41f7136f327f74354afe7eace5484cb2d5
- SHA256
  
  e2daf2c0841090b2dff517e14acd48d393b899be1e213f001229d1af9a1de2b8
- SHA512
  
  0b1632a766feec97de5e30a22e6abca67119e53d8715bc22d15970731e91446b17b625614cad79d887299dbc5b5fa78c66db2b0c36167a3009a678a5086b726c
- SSDEEP
  
  192:BLCuLDdyxqvzfZ3ium13gyWacxv8ilNwOHLnq4UP1XPeDN6IW1Y6Up90Kli8Jlb0:QuDdYe0umJ6xfwEO4UNWD8Upt15h6V
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32