General
-
Target
c59ed15bd3089985200b63ff1f5bfb688fd47c799aa68c8ff49cdc784bf2a209
-
Size
2.0MB
-
Sample
241112-xel6zayepg
-
MD5
1c3ec4b922f1fcd30997e28da46717ae
-
SHA1
2b246f80fada21e9cfec16519927f0d5b7d6f8c0
-
SHA256
c59ed15bd3089985200b63ff1f5bfb688fd47c799aa68c8ff49cdc784bf2a209
-
SHA512
d16c617432505464c15ada8976079f64d309e77acb273daf1ceaef9943c20be1c4794b5ba40ddb95d2ac977e6eb26ed6f0ad5129215fa9683fb354402b3f9e06
-
SSDEEP
49152:QCrYT+gtIUhDRFOZfeyxbttqbhy7aeHnd/fZhAe9l23K3sl:JrC/1hvoxbttv7aeDFlAasl
Static task
static1
Behavioral task
behavioral1
Sample
DEMANDA FRAUDE FISCAL 5634564/01 DEMANDA FRAUDE FISCAL 0545465.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
DEMANDA FRAUDE FISCAL 5634564/01 DEMANDA FRAUDE FISCAL 0545465.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
DEMANDA FRAUDE FISCAL 5634564/msvcr90.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
DEMANDA FRAUDE FISCAL 5634564/msvcr90.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
DEMANDA FRAUDE FISCAL 5634564/python27.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
DEMANDA FRAUDE FISCAL 5634564/python27.dll
Resource
win10v2004-20241007-en
Malware Config
Extracted
asyncrat
| CRACKED BY https://t.me/xworm_v2
WARrose
proxa.kozow.com:7373
AsyncMutex_6SI8OkPnk
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
DEMANDA FRAUDE FISCAL 5634564/01 DEMANDA FRAUDE FISCAL 0545465.exe
-
Size
28KB
-
MD5
b6f6c3c38568ee26f1ac70411a822405
-
SHA1
5b94d0adac4df2d7179c378750c4e3417231125f
-
SHA256
a73454c7fad23a80a3f6540afdb64fc334980a11402569f1986aa39995ae496d
-
SHA512
5c0a5e9a623a942aff9d58d6e7a23b7d2bba6a4155824aa8bb94dbd069a8c15c00df48f12224622efcd5042b6847c8fb476c43390e9e576c42efc22e3c02a122
-
SSDEEP
768:+yq82Ud7/zfkn8I+ilpd4TILqIgXYoBCH/3hprl:Zq824LfMV4TqqIgXYoBCH/3hpB
-
Asyncrat family
-
Suspicious use of SetThreadContext
-
-
-
Target
DEMANDA FRAUDE FISCAL 5634564/msvcr90.dll
-
Size
638KB
-
MD5
11d49148a302de4104ded6a92b78b0ed
-
SHA1
fd58a091b39ed52611ade20a782ef58ac33012af
-
SHA256
ceb0947d898bc2a55a50f092f5ed3f7be64ac1cd4661022eefd3edd4029213b0
-
SHA512
fdc43b3ee38f7beb2375c953a29db8bcf66b73b78ccc04b147e26108f3b650c0a431b276853bb8e08167d34a8cc9c6b7918daef9ebc0a4833b1534c5afac75e4
-
SSDEEP
12288:5hr4UC+Ju/A0BI4yWkoGKJwZ9axKmhYTMAO7wFKjCUmRyyPe:9JfyZFGKJjxKmhSMAB6CUmRyyPe
-
Score
3/10
-
-
Target
DEMANDA FRAUDE FISCAL 5634564/python27.dll
-
Size
2.5MB
-
MD5
bcb47f9afdc413376cb398a9f10224e0
-
SHA1
33f14f71b7ad0588290e8b52b14397be1ec5e0c7
-
SHA256
b978df02dba6ad0494187e4b25d0a41ee889f6ab2d1e778dddc503c4244dcb7d
-
SHA512
61b04e64987eb63cdacd402f79fc6d703b101036f4bd2e8798c3182b2bd2d47fc379e5a8ecc5417ecbf715986e3e71eb4dde2a4d5bdc6a5ae23fd4fc5dfc1123
-
SSDEEP
49152:Ed0krhjbVYU9U/ElyrLKlvGBO58GBjd9nYM6JBe4PjnhMsQHNClhIdYTf2O+yX3M:tkrRyylvGB65fNCMghMtHIledkpQa
-
Score
3/10