General

  • Target

    ENVIO_COPIA_DE_LA_NOTIFICACION_ELECTRONICA_DEMANDA.tar.bin.tar

  • Size

    4.3MB

  • Sample

    241119-qf33jsxcjn

  • MD5

    01e97bba9f4d2c4b9fe20a027421c896

  • SHA1

    f2337dd8edd0111ccb5781b747c5932f6f443ba7

  • SHA256

    f0400b06676859c0b8140cfe8fcdc370f51627224a39db387d261c4582e2fe08

  • SHA512

    8c36cd134f1672940e6cf3e0203d4af11a00f2d0d764d082bad7fad1ad2e6583e67ab32daf1337f2a4c71a11971c5b78015b7873484a5805f56448dab8f83aec

  • SSDEEP

    98304:2SO66tfbtAQhxET+S2N6U4dOCN+qwX8QeF/SoNge74VeleF691qP:5ho6Qs+/N6UANJwsQs/a44WwP

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

envnuev1124.duckdns.org:3013

Mutex

AsyncMutex_6SI8OkPnk

Attributes

  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      ENVIO COPIA DE LA NOTIFICACION ELECTRONICA DEMANDA/01 notifico demanda.exe

    • Size

      12.0MB

    • MD5

      a7118dffeac3772076f1a39a364d608d

    • SHA1

      6b984d9446f23579e154ec47437b9cf820fd6b67

    • SHA256

      f1973746ac0a703b23526f68c639436f0b26b0bc71c4f5adf36dc5f6e8a7f4d0

    • SHA512

      f547c13b78acda9ca0523f0f8cd966c906f70a23a266ac86156dc7e17e6349e5f506366787e7a7823e2b07b0d614c9bd08e34ca5cc4f48799b0fe36ac836e890

    • SSDEEP

      98304:ReAtQzKADvk/9TEaImN9/tiHBIn8c3hCEFRUTaZnPZOtXwH:ReAOWOM/FE1mNHiFc3hr7UTaZnhOtXwH

    • AsyncRat

      AsyncRAT is a remote access trojan, written in C#, designed to remotely monitor and control other computers.

    • Asyncrat family

    • Suspicious use of SetThreadContext

    • Target

      ENVIO COPIA DE LA NOTIFICACION ELECTRONICA DEMANDA/tak_deco_lib.dll

    • Size

      315KB

    • MD5

      2a5007538c3d07e8e00f1fe2f2278a1f

    • SHA1

      bad7994e684bc88e50678d8cbc83cd373661b8ca

    • SHA256

      680fce766ab3f38d495f57b07c77db6e0d8129871a6a5e8350826ef40b8732b7

    • SHA512

      9780c88bd48e96fc87791836bb651a8feceeebf5b85c2c2b5783fba8999a5a5319abc4b5f245519a858c9c19e07224f6ed3bd9ce643c2210afd6e6bea95b21b5

    • SSDEEP

      3072:dAbAJvRdy6UwambkfOhOmesG+4ny2lV0QM4:+Yj02IfmRHAyQV7

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks