General

  • Target

    ENVIOCOPIADELANOTIFICACIONELECTRONICADEMANDA.tar

  • Size

    12.9MB

  • Sample

    241119-rgc37awqcs

  • MD5

    a02ff4f8956616f3c15f2d3e38b0a2d0

  • SHA1

    5e8ca35c2d39ac694dcfff1a4b2d11e9aaa5c8c6

  • SHA256

    08677f9228e22c78ac5021183f95fe7cf6e9a771d7010c29f5ca5aa4bc3635da

  • SHA512

    79395b60d15edbcf9258213d1ec96220d139ac2d235587a8abee31309861c22411a3cc8273ab1861801d8411f56346c134ad8ad9b446f85fa5ee0f3ee4fe1215

  • SSDEEP

    196608:meAOWOM/FE1mNHiFc3hr7UTaZnhOtXwZKM:mlOwFC8Hiu3hr7TZn0tXwZ

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

envnuev1124.duckdns.org:3013

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      ENVIO COPIA DE LA NOTIFICACION ELECTRONICA DEMANDA/01 notifico demanda.exe

    • Size

      12.0MB

    • MD5

      a7118dffeac3772076f1a39a364d608d

    • SHA1

      6b984d9446f23579e154ec47437b9cf820fd6b67

    • SHA256

      f1973746ac0a703b23526f68c639436f0b26b0bc71c4f5adf36dc5f6e8a7f4d0

    • SHA512

      f547c13b78acda9ca0523f0f8cd966c906f70a23a266ac86156dc7e17e6349e5f506366787e7a7823e2b07b0d614c9bd08e34ca5cc4f48799b0fe36ac836e890

    • SSDEEP

      98304:ReAtQzKADvk/9TEaImN9/tiHBIn8c3hCEFRUTaZnPZOtXwH:ReAOWOM/FE1mNHiFc3hr7UTaZnhOtXwH

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Asyncrat family

    • Suspicious use of SetThreadContext

    • Target

      ENVIO COPIA DE LA NOTIFICACION ELECTRONICA DEMANDA/tak_deco_lib.dll

    • Size

      315KB

    • MD5

      2a5007538c3d07e8e00f1fe2f2278a1f

    • SHA1

      bad7994e684bc88e50678d8cbc83cd373661b8ca

    • SHA256

      680fce766ab3f38d495f57b07c77db6e0d8129871a6a5e8350826ef40b8732b7

    • SHA512

      9780c88bd48e96fc87791836bb651a8feceeebf5b85c2c2b5783fba8999a5a5319abc4b5f245519a858c9c19e07224f6ed3bd9ce643c2210afd6e6bea95b21b5

    • SSDEEP

      3072:dAbAJvRdy6UwambkfOhOmesG+4ny2lV0QM4:+Yj02IfmRHAyQV7

    Score
    1/10

MITRE ATT&CK Enterprise v15