General

  • Target

    DOCUMENTOS DETALLADOS PARA PROCESO LEGAL, ANEXOS 7342987363478021871266893470921468042370924147246083.exe.bin

  • Size

    1.1MB

  • Sample

    241120-tl68yazdpj

  • MD5

    37808034c4c48ae4fd516daf4ad7f61d

  • SHA1

    073a64ea526ed87d26c265a14f06a9ca62e120df

  • SHA256

    c5861e298e0352018b982c381bc63dc0248bb45c939fe91eb69d72e5469a2460

  • SHA512

    a29b42d7e40505d42e0f6d747ced4db0efd8308b0975cb6710867c0317742f3abcc4aa6f1cf41f9a3a84ba633a2c8221119b7ea44fefa330f9727b3091313f54

  • SSDEEP

    24576:IBFtxUtMhFfz2VzZqhCwHIGgRstvkw/sCcwCsyB:CdFfz2MCAIGgRshkcC

Malware Config

Extracted

Family

asyncrat

Version

0.5.7A

Botnet

COMISARIA

C2

comisaria11.duckdns.org:6606

Mutex

uuooxuxbnkywum

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      DOCUMENTOS DETALLADOS PARA PROCESO LEGAL, ANEXOS 7342987363478021871266893470921468042370924147246083.exe.bin

    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Asyncrat family

    • Drops startup file

    • Suspicious use of SetThreadContext
