General
-
Target
c83dfede8b29f66fd576803d4e0d9148b9d6da95fe6c82402c3eb75dd5777f0a.tar
-
Size
4.8MB
-
Sample
241117-qk7ars1bna
-
MD5
52046679023c2eee8f86dff16f044e5d
-
SHA1
78a39a266232122f4f65eb0100b8054cab88ffb4
-
SHA256
c83dfede8b29f66fd576803d4e0d9148b9d6da95fe6c82402c3eb75dd5777f0a
-
SHA512
339ec250defa79d4f0d0d0acfc0d51faa7c8c5322f8025fd0654dc3da8fabda65e56738a5bf74089254fa1b09897b3265a131f3e121cafa5a6eaba2c15032802
-
SSDEEP
98304:4hooohX80nmuSxRotw3olqRBPEALonKcnxOf+KGdN+YANl6:4hoo8X80nmuSxRoq3olqRBPEJnKcnxOz
Static task
static1
Behavioral task
behavioral1
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/00012NotificacionElectronica.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/00012NotificacionElectronica.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MCoreLib.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MCoreLib.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MDb.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MDb.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MKernel.dll
Resource
win7-20241010-en
Behavioral task
behavioral8
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MKernel.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MUICoreLib.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MUICoreLib.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MUIUtils.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MUIUtils.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MUtils.dll
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MUtils.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/coolcore49.dll
Resource
win7-20240729-en
Behavioral task
behavioral16
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/coolcore49.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/msvcp71.dll
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/msvcp71.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/msvcr71.dll
Resource
win7-20241010-en
Behavioral task
behavioral20
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/msvcr71.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/xprt6.dll
Resource
win7-20241023-en
Behavioral task
behavioral22
Sample
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/xprt6.dll
Resource
win10v2004-20241007-en
Malware Config
Extracted
asyncrat
| CRACKED BY https://t.me/xworm_v2
12 noviembre
12novwins.duckdns.org:9003
AsyncMutex_6SI8OkPnk
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/00012NotificacionElectronica.exe
-
Size
168KB
-
MD5
aef6452711538d9021f929a2a5f633cf
-
SHA1
205b7fab75e77d1ff123991489462d39128e03f6
-
SHA256
e611a1ffbe9e08a2660bc290a581aa0b54637524aaf6040a70e54f97136ce5ac
-
SHA512
7ad84d4d3bab3f5a3e14f336d8931bf4b876299000081b2a94a3fcf698c56b82514753b483c5b8d7ae84ddd92ee1c4043fa5e7fb7c4f7e9eb52ca8c794e508b7
-
SSDEEP
3072:+CNUaViEqjY1uimO3soWBgZNENeo0TzSCOtCUon/BA2gGaA44:dwEq7HO8ohEsxHSC+CUO/Bxk4
Score 10/10
-
Asyncrat family
-
Suspicious use of SetThreadContext
-
-
-
Target
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MCoreLib.dll
-
Size
106KB
-
MD5
815b07c37c83b13457d37ca8c6a7a561
-
SHA1
746138b85e5611fd058c008411889a15870083cd
-
SHA256
153c1b5e96e7bc4c9f858c3cc3bc6cd5e09ef68776d95871ca38824c430654c4
-
SHA512
8949ab1deae036ae785ad20c634519aa368b4768f0dd65c0dc53f8ea70dd7d707c984277b914de14054eb8a044182ff78205e3a02555e377750bb829760b8c31
-
SSDEEP
1536:3TiEEijMKdzfgbmuNOaAr5jvlY44I2UpoURQr9QblKseK5LgaEirhshZxd7Upy9:OtijKmuNOtrpy4roUGr2bl+/Kpy9
Score 3/10
-
-
-
Target
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MDb.dll
-
Size
205KB
-
MD5
be1262b27ff4a4349b337cc95b7746e7
-
SHA1
a88b9a167baedbaef047b862caecb8206548c2f6
-
SHA256
ab47f3a52c1c2a7f1855c48e2d085e87345590b1fb78353c7070c3b6600843fd
-
SHA512
d70a9f1113b2b11ff5df3644b97d13cfe1deee1def13e751eabd8e84858e4ae6eb58d45926a1443cafbb7a261bcb61285b4c316014b43c6c6971f7261e13bb96
-
SSDEEP
3072:hMVu/+Sy4i78/IOykAQyfN/MIZIfobQJYf7hJ13KBBlDqXO6:hz+SV/IOQZEGioIeOq+
Score 3/10
-
-
-
Target
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MKernel.dll
-
Size
219KB
-
MD5
98a71909605b7d088f82d66abc64d4c2
-
SHA1
1e250127851a331dd914215348ef51fff78442c9
-
SHA256
46410947d60a8b92869aa2cf27b57a94c710047f168ac3bc23879a8461f8686a
-
SHA512
efa8e407e3fbfb81da07b584b8bbd2a440074388ae3ff6175abc88614b42b53ca70206e7ada00273457fafac58d7729f1c945a9e79ce793bc48229035194b267
-
SSDEEP
6144:93Eu/Gz1z6cd2eEflWORcigoKBB9QgQa2l:J+Jz6cd2BlxKB0
Score 3/10
-
-
-
Target
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MUICoreLib.dll
-
Size
824KB
-
MD5
60a5383ba17d8f519cb4356e28873a14
-
SHA1
6bf70393d957320a921226c7fcdf352a0a67442d
-
SHA256
80878e4543959b63cbd87e3ebb82f4988cbbdf9da564370aa15410783c5f343f
-
SHA512
a0e0ef1d821e13977d14a806357128285edc0a26c01dcf9fd99e7c62f8efccdf608b1c0dceb1f3f40e988692eb549e22193d9ce253a1c0c1d8b10c46955bee12
-
SSDEEP
12288:0/Ka9tTMxe3NmvU7sBlHaLZuJJPgcCq+1kbb7Uety9v:0/P9tTMxe3NmOsB0LZuvYcCq+o3Ue49
Score 3/10
-
-
-
Target
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MUIUtils.dll
-
Size
385KB
-
MD5
97d6efb8b8e0b0f03701a7bafc398545
-
SHA1
0fe11e0b7f47fdec9aaa98b83728c125409e9d5b
-
SHA256
51c8715fac6797b7f962a68903f1f994c2af1088ac31972b5e512dab5ab4fd8e
-
SHA512
2bf8935ad96f35586be6074e8798fa36ee13a05cef05aa0df120ef6800cc1d941310c672894d2380b87c7491663c137fa5bcade4a732bcc6448ba3bf0badb2d7
-
SSDEEP
6144:2sOfOXbrZthMAjzD7rK4CA5Jh55W5/js47WOZXizi:2sOfOXbBpvG4zhPy3Zt
Score 3/10
-
-
-
Target
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/MUtils.dll
-
Size
619KB
-
MD5
6da9a492898b66db78f5c9d3fc7ecc64
-
SHA1
d264f67d92ccd4cfeaed1510ed0b6ae90d3f7db4
-
SHA256
50dfc607913a47dd266e27f6533f3f6b8f9fe995582f7662a944149a26b5054c
-
SHA512
11bc138d16f279d70ece09e3d238ce891bc5015b6d49a750e153c2b9286bf95e285e818ed5e25e7c731cdfff1324cdb74155f68fda0ef8104eb0d554e2b2923e
-
SSDEEP
12288:OM9gTRuz4D8LNPKworLS82aZkg33/IbH:aTR5QPRYdkZb
Score 3/10
-
-
-
Target
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/coolcore49.dll
-
Size
764KB
-
MD5
02ddce012b021879d5b3e980c48f2d2f
-
SHA1
0a7b556947b717b297dd312ee4579cfdb30f6e3b
-
SHA256
4e38d88a59fc49ec56aafb207777d1987a9711b457514f09fed221dbf640111a
-
SHA512
b1ef87cfcc3063916e36e733024a3b49fa7cabf32531c3a3ec55021be229cd6c2ccedc184901beb6cac3a94e6c0283bb21d1638843dc6f4dd6c5a4be15379404
-
SSDEEP
12288:wZ6SIFGSvPRLixnF6XXwE24ms0JmH/Iu+OQq7iRotw3xIuZ4lzTOj31RBn3dN+1b:MohvPRLixnF6nYW0JmfIu+OQxRotw3x8
Score 3/10
-
-
-
Target
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/msvcp71.dll
-
Size
488KB
-
MD5
561fa2abb31dfa8fab762145f81667c2
-
SHA1
c8ccb04eedac821a13fae314a2435192860c72b8
-
SHA256
df96156f6a548fd6fe5672918de5ae4509d3c810a57bffd2a91de45a3ed5b23b
-
SHA512
7d960aa8e3cce22d63a6723d7f00c195de7de83b877eca126e339e2d8cc9859e813e05c5c0a5671a75bb717243e9295fd13e5e17d8c6660eb59f5baee63a7c43
-
SSDEEP
12288:fJzxYPVsBnxO/R7krZhUgiW6QR7t5k3Ooc8iHkC2eq:fZxvBnxOJ7ki3Ooc8iHkC2e
Score 3/10
-
-
-
Target
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/msvcr71.dll
-
Size
340KB
-
MD5
86f1895ae8c5e8b17d99ece768a70732
-
SHA1
d5502a1d00787d68f548ddeebbde1eca5e2b38ca
-
SHA256
8094af5ee310714caebccaeee7769ffb08048503ba478b879edfef5f1a24fefe
-
SHA512
3b7ce2b67056b6e005472b73447d2226677a8cadae70428873f7efa5ed11a3b3dbf6b1a42c5b05b1f2b1d8e06ff50dfc6532f043af8452ed87687eefbf1791da
-
SSDEEP
6144:OcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE:Ooz83OtIEzW+/m/AyF7bCrO/E
Score 3/10
-
-
-
Target
Oficio 192 Notificación Electrónica CENDO RAMA JUDICIAL RAD 1531651351651 1321351 00 354165/xprt6.dll
-
Size
244KB
-
MD5
d145903e217ddde20ce32ed9e5074e16
-
SHA1
bdb3265d872f446d7445aae4f2d0beba5dae3bd8
-
SHA256
9317971d3615415691420d06b06de89b67aea164877b74e308bb9c338ca0eca4
-
SHA512
00e7df32ab3c8a46b4e8761634ddeac28410f46a9312923f46b1d83376d69489653763661f2c51ac9f85028a11d8496c911eabcb55a19222caf311be61504666
-
SSDEEP
6144:AcQqAMBIcmTPYiI5Ut6F2Mm9hEm3KGaTB/t4elnEIfx:ZQMBIc4S6g2MmAoaT9t4eNNx
Score 3/10
-