Overview

overview

10

Static

static

3

NOTIFICACI...ca.exe

windows7-x64

10

NOTIFICACI...ca.exe

windows10-2004-x64

10

NOTIFICACI...ib.dll

windows7-x64

3

NOTIFICACI...ib.dll

windows10-2004-x64

3

NOTIFICACI...Db.dll

windows7-x64

3

NOTIFICACI...Db.dll

windows10-2004-x64

3

NOTIFICACI...el.dll

windows7-x64

3

NOTIFICACI...el.dll

windows10-2004-x64

3

NOTIFICACI...ib.dll

windows7-x64

3

NOTIFICACI...ib.dll

windows10-2004-x64

3

NOTIFICACI...ls.dll

windows7-x64

3

NOTIFICACI...ls.dll

windows10-2004-x64

3

NOTIFICACI...ls.dll

windows7-x64

3

NOTIFICACI...ls.dll

windows10-2004-x64

3

NOTIFICACI...49.dll

windows7-x64

3

NOTIFICACI...49.dll

windows10-2004-x64

3

NOTIFICACI...71.dll

windows7-x64

3

NOTIFICACI...71.dll

windows10-2004-x64

3

NOTIFICACI...71.dll

windows7-x64

3

NOTIFICACI...71.dll

windows10-2004-x64

3

NOTIFICACI...t6.dll

windows7-x64

3

NOTIFICACI...t6.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    15112024_0500_2NOTIFICACIÓN ELECTRÓNCIA JUDICIAL ESM AGRADECEMOS CONFIRMAR RECIBIDO 15.tar.uue.tar.001

  • Size

    1.9MB

  • Sample

    241115-fm5vlszarm

  • MD5

    232c2864f207ea7d1dcf64228ecd3e07

  • SHA1

    5cf1534aca3e925f78f8521206b20e08c1caaede

  • SHA256

    9d957b86c153e94d8ed0bd275026aa2431d4040218cc0054a446f0ceeea83ffd

  • SHA512

    60ecdefa98e6bf147b55f24203c03cc486a7381f1688256790282e4f71b05a3bd9f08388f736e0e479fba33eece61af073801406f2ec956dbff2bdbef9811b83

  • SSDEEP

    49152:3oRJr/dtfLNOGXTp/blBMt2+z3DvRrjwtNevN6gH:3Whl5YGv9U3FrjkevNV

Score
10/10
asyncrat*** 14 nov ***discoveryrat

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

*** 14 NOV ***

C2

12novwins.duckdns.org:9003

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      NOTIFICACIÓN ELECTRÓNCIA JUDICIAL ESM AGRADECEMOS CONFIRMAR RECIBIDO 15/00014 NotificacionElectronica.exe

    • Size

      168KB

    • MD5

      aef6452711538d9021f929a2a5f633cf

    • SHA1

      205b7fab75e77d1ff123991489462d39128e03f6

    • SHA256

      e611a1ffbe9e08a2660bc290a581aa0b54637524aaf6040a70e54f97136ce5ac

    • SHA512

      7ad84d4d3bab3f5a3e14f336d8931bf4b876299000081b2a94a3fcf698c56b82514753b483c5b8d7ae84ddd92ee1c4043fa5e7fb7c4f7e9eb52ca8c794e508b7

    • SSDEEP

      3072:+CNUaViEqjY1uimO3soWBgZNENeo0TzSCOtCUon/BA2gGaA44:dwEq7HO8ohEsxHSC+CUO/Bxk4

    Score
    10/10
    asyncrat*** 14 nov ***discoveryrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      NOTIFICACIÓN ELECTRÓNCIA JUDICIAL ESM AGRADECEMOS CONFIRMAR RECIBIDO 15/MCoreLib.dll

    • Size

      106KB

    • MD5

      815b07c37c83b13457d37ca8c6a7a561

    • SHA1

      746138b85e5611fd058c008411889a15870083cd

    • SHA256

      153c1b5e96e7bc4c9f858c3cc3bc6cd5e09ef68776d95871ca38824c430654c4

    • SHA512

      8949ab1deae036ae785ad20c634519aa368b4768f0dd65c0dc53f8ea70dd7d707c984277b914de14054eb8a044182ff78205e3a02555e377750bb829760b8c31

    • SSDEEP

      1536:3TiEEijMKdzfgbmuNOaAr5jvlY44I2UpoURQr9QblKseK5LgaEirhshZxd7Upy9:OtijKmuNOtrpy4roUGr2bl+/Kpy9

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      NOTIFICACIÓN ELECTRÓNCIA JUDICIAL ESM AGRADECEMOS CONFIRMAR RECIBIDO 15/MDb.dll

    • Size

      205KB

    • MD5

      be1262b27ff4a4349b337cc95b7746e7

    • SHA1

      a88b9a167baedbaef047b862caecb8206548c2f6

    • SHA256

      ab47f3a52c1c2a7f1855c48e2d085e87345590b1fb78353c7070c3b6600843fd

    • SHA512

      d70a9f1113b2b11ff5df3644b97d13cfe1deee1def13e751eabd8e84858e4ae6eb58d45926a1443cafbb7a261bcb61285b4c316014b43c6c6971f7261e13bb96

    • SSDEEP

      3072:hMVu/+Sy4i78/IOykAQyfN/MIZIfobQJYf7hJ13KBBlDqXO6:hz+SV/IOQZEGioIeOq+

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      NOTIFICACIÓN ELECTRÓNCIA JUDICIAL ESM AGRADECEMOS CONFIRMAR RECIBIDO 15/MKernel.dll

    • Size

      219KB

    • MD5

      98a71909605b7d088f82d66abc64d4c2

    • SHA1

      1e250127851a331dd914215348ef51fff78442c9

    • SHA256

      46410947d60a8b92869aa2cf27b57a94c710047f168ac3bc23879a8461f8686a

    • SHA512

      efa8e407e3fbfb81da07b584b8bbd2a440074388ae3ff6175abc88614b42b53ca70206e7ada00273457fafac58d7729f1c945a9e79ce793bc48229035194b267

    • SSDEEP

      6144:93Eu/Gz1z6cd2eEflWORcigoKBB9QgQa2l:J+Jz6cd2BlxKB0

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      NOTIFICACIÓN ELECTRÓNCIA JUDICIAL ESM AGRADECEMOS CONFIRMAR RECIBIDO 15/MUICoreLib.dll

    • Size

      824KB

    • MD5

      60a5383ba17d8f519cb4356e28873a14

    • SHA1

      6bf70393d957320a921226c7fcdf352a0a67442d

    • SHA256

      80878e4543959b63cbd87e3ebb82f4988cbbdf9da564370aa15410783c5f343f

    • SHA512

      a0e0ef1d821e13977d14a806357128285edc0a26c01dcf9fd99e7c62f8efccdf608b1c0dceb1f3f40e988692eb549e22193d9ce253a1c0c1d8b10c46955bee12

    • SSDEEP

      12288:0/Ka9tTMxe3NmvU7sBlHaLZuJJPgcCq+1kbb7Uety9v:0/P9tTMxe3NmOsB0LZuvYcCq+o3Ue49

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      NOTIFICACIÓN ELECTRÓNCIA JUDICIAL ESM AGRADECEMOS CONFIRMAR RECIBIDO 15/MUIUtils.dll

    • Size

      385KB

    • MD5

      97d6efb8b8e0b0f03701a7bafc398545

    • SHA1

      0fe11e0b7f47fdec9aaa98b83728c125409e9d5b

    • SHA256

      51c8715fac6797b7f962a68903f1f994c2af1088ac31972b5e512dab5ab4fd8e

    • SHA512

      2bf8935ad96f35586be6074e8798fa36ee13a05cef05aa0df120ef6800cc1d941310c672894d2380b87c7491663c137fa5bcade4a732bcc6448ba3bf0badb2d7

    • SSDEEP

      6144:2sOfOXbrZthMAjzD7rK4CA5Jh55W5/js47WOZXizi:2sOfOXbBpvG4zhPy3Zt

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      NOTIFICACIÓN ELECTRÓNCIA JUDICIAL ESM AGRADECEMOS CONFIRMAR RECIBIDO 15/MUtils.dll

    • Size

      619KB

    • MD5

      6da9a492898b66db78f5c9d3fc7ecc64

    • SHA1

      d264f67d92ccd4cfeaed1510ed0b6ae90d3f7db4

    • SHA256

      50dfc607913a47dd266e27f6533f3f6b8f9fe995582f7662a944149a26b5054c

    • SHA512

      11bc138d16f279d70ece09e3d238ce891bc5015b6d49a750e153c2b9286bf95e285e818ed5e25e7c731cdfff1324cdb74155f68fda0ef8104eb0d554e2b2923e

    • SSDEEP

      12288:OM9gTRuz4D8LNPKworLS82aZkg33/IbH:aTR5QPRYdkZb

    Score
    3/10
    discovery
    behavioral13behavioral14

    • Target

      NOTIFICACIÓN ELECTRÓNCIA JUDICIAL ESM AGRADECEMOS CONFIRMAR RECIBIDO 15/coolcore49.dll

    • Size

      764KB

    • MD5

      4f27d1bacaf09d1919484355b341c868

    • SHA1

      f1be78d484235270a1416c6acb20e2915ae050db

    • SHA256

      12cddd3c62ff777f1738226fe0b4b36c8170e5e1c0c47fb5913f1a780dc5f450

    • SHA512

      328277fe18d2bbc11160d0c239c90e94d2689b8dbefb6fe46febb730fbcc6e18ced429f839d7a81d8e1b42fe4c1cb4afaaa5745353daf271ac21984f5c67aced

    • SSDEEP

      12288:Ru6SIFGSvPRLixnF6XXwE24ms0JmH/Iu+OQq7iRotw3xIuZ4lzTOj31RBn3dN+1g:yohvPRLixnF6nYW0JmfIu+OQxRotw3xb

    Score
    3/10
    discovery
    behavioral15behavioral16

    • Target

      NOTIFICACIÓN ELECTRÓNCIA JUDICIAL ESM AGRADECEMOS CONFIRMAR RECIBIDO 15/msvcp71.dll

    • Size

      488KB

    • MD5

      561fa2abb31dfa8fab762145f81667c2

    • SHA1

      c8ccb04eedac821a13fae314a2435192860c72b8

    • SHA256

      df96156f6a548fd6fe5672918de5ae4509d3c810a57bffd2a91de45a3ed5b23b

    • SHA512

      7d960aa8e3cce22d63a6723d7f00c195de7de83b877eca126e339e2d8cc9859e813e05c5c0a5671a75bb717243e9295fd13e5e17d8c6660eb59f5baee63a7c43

    • SSDEEP

      12288:fJzxYPVsBnxO/R7krZhUgiW6QR7t5k3Ooc8iHkC2eq:fZxvBnxOJ7ki3Ooc8iHkC2e

    Score
    3/10
    discovery
    behavioral17behavioral18

    • Target

      NOTIFICACIÓN ELECTRÓNCIA JUDICIAL ESM AGRADECEMOS CONFIRMAR RECIBIDO 15/msvcr71.dll

    • Size

      340KB

    • MD5

      86f1895ae8c5e8b17d99ece768a70732

    • SHA1

      d5502a1d00787d68f548ddeebbde1eca5e2b38ca

    • SHA256

      8094af5ee310714caebccaeee7769ffb08048503ba478b879edfef5f1a24fefe

    • SHA512

      3b7ce2b67056b6e005472b73447d2226677a8cadae70428873f7efa5ed11a3b3dbf6b1a42c5b05b1f2b1d8e06ff50dfc6532f043af8452ed87687eefbf1791da

    • SSDEEP

      6144:OcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE:Ooz83OtIEzW+/m/AyF7bCrO/E

    Score
    3/10
    discovery
    behavioral19behavioral20

    • Target

      NOTIFICACIÓN ELECTRÓNCIA JUDICIAL ESM AGRADECEMOS CONFIRMAR RECIBIDO 15/xprt6.dll

    • Size

      244KB

    • MD5

      0d1483c2294daa1474dcff11c62f2f13

    • SHA1

      9d7f08a23f66bf8158e49be89c708c5920eb86ab

    • SHA256

      253033bc95bf23a7d6114d2e31d2afcffc5353b259049b65fd4d71a02c07fc96

    • SHA512

      5c5f59a24c3204fb442396120102e3078fca1b0ae3455a1d695df7a38d8b5d070d4972997f334557df213c415b5062364aba57d14ae6b3385a1fe642e7457fc8

    • SSDEEP

      6144:JcQqwMB0cmTPYiI5Ut6F2Mm9hEm3KGaTB/t4elnEIfx:OgMB0c4S6g2MmAoaT9t4eNNx

    Score
    3/10
    discovery
    behavioral21behavioral22

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

asyncrat*** 14 nov ***discoveryrat
Score
10/10

behavioral2

asyncrat*** 14 nov ***discoveryrat
Score
10/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10