asyncrat

General

Target

1OFICIO DE NOTIFICACIÓN EJECTRÓNICA CENDO RAMA JUDICIAL DE LA REPÚBLICA DE COLOMBIA.tar.cab.tar.001.rar
Size

2.1MB
Sample

241118-mg4tpazkem
MD5

e37d1c93d6a35e4c9b309e94fcb16770
SHA1

ca94b33c8ad9ba8a7031c389a3f0181a3dc47df4
SHA256

eb6e8a6e57d3c3e27dfc0e5d63ed07640e5d6ceebcb072f58a60ddcfc3f00dea
SHA512

c07195261c32f8ee0a1e2917631e87b3915689e97d50fbec044f835694e01a4edd62ca5504195e0b6d38ea1f47615514b7e6b4b4022a9481b55f7f4bb95fb0e1
SSDEEP

49152:CyO1YUqKuvNwBCyUiggqo+WfZSH2ZjmZwnwQweLse3jc/:CCUJggP+USW1w/aH3jc/

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

FENIX INRY 29

C2

7012oj.duckdns.org:9003

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  OFICIO DE NOTIFICACIÓN EJECTRÓNICA CENDO RAMA JUDICIAL DE LA REPÚBLICA DE COLOMBIA/00029 NotifiacionElectronica.exe
- Size
  
  2.2MB
- MD5
  
  d9530ecee42acccfd3871672a511bc9e
- SHA1
  
  89b4d2406f1294bd699ef231a4def5f495f12778
- SHA256
  
  81e04f9a131534acc0e9de08718c062d3d74c80c7f168ec7e699cd4b2bd0f280
- SHA512
  
  d5f048ea995affdf9893ec4c5ac5eb188b6714f5b6712e0b5a316702033421b145b8ee6a62d303eb4576bf8f57273ff35c5d675807563a31157136f79d8a9980
- SSDEEP
  
  49152:rHOut2Bf0ajIM8XEEN6N0rE/I/vqn7krQEQusd5F:VbaMbXbE/I/SnwrQEQusd/
Score

10^/10

asyncrat fenix inry 29 discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  OFICIO DE NOTIFICACIÓN EJECTRÓNICA CENDO RAMA JUDICIAL DE LA REPÚBLICA DE COLOMBIA/d3dx9_43.dll
- Size
  
  1.9MB
- MD5
  
  d87de826ca653d3bfe426337eadc0ee3
- SHA1
  
  6b2b89a1c20912ba848777722e49978443cc4b80
- SHA256
  
  6f0b9e1f52998e21db8b5a07305d93e699e9e766c0d04403f436e2551946701e
- SHA512
  
  06faa842aab3ffe9fab4fc84951bbb38d499a1b0220cd4924571359521069ff2c56e702d640331dbf3b7feb59e67140bbf310f7c983918da8cde299f61432c67
- SSDEEP
  
  24576:QtU6OIyl2Wy9M3bJ45fPS0zFZghQ6aOiFaKOE31GrvFXl74YZ29X1MDd6olmrBFl:t66l2u45BiNYFrz31Cv3D29kd6kcf
Score

3^/10

discovery
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Asyncrat family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4