Overview

overview

10

Static

static

3

DEMANDA LA...ZA.exe

windows7-x64

10

DEMANDA LA...ZA.exe

windows10-2004-x64

10

DEMANDA LA...CI.dll

windows7-x64

3

DEMANDA LA...CI.dll

windows10-2004-x64

3

DEMANDA LA...fo.htm

windows7-x64

3

DEMANDA LA...fo.htm

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    34bf76143b814f6335ecb824054b95ee.zip

  • Size

    2.2MB

  • Sample

    241122-w1fewa1qal

  • MD5

    34bf76143b814f6335ecb824054b95ee

  • SHA1

    3c1352cac0e4c4d8e20323b7a9954d66877b30b6

  • SHA256

    158d3cd5743e4c133ebdd9a10f72550bf02939258ca9fc68509f2bcfbc5c9205

  • SHA512

    973eb56fe89ab419ef127b9714a51a5a41d5112756878003312f4a10aa9af18d6799f11e1f2e5b95587c981ed3d726e4288f0c552c7248158c84cf27970200c5

  • SSDEEP

    49152:j8bCbb+1lr86ZkkQYMvRES0+Ql4GFpEY+FygOd2cjXqioW:j1SlY6ZkLYMvR0VFe1FzOFaiv

Score
10/10
asyncratplatadiscoveryrat

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

PLATA

C2

powerupsnew.dynuddns.com:7474

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      DEMANDA LABORAL POR ABUSO DE CONFIANZA 01/01 DEMANDA LABORAL POR ABUSO DE CONFIANZA.exe

    • Size

      4.6MB

    • MD5

      ae2a273bd3297d0abe74f940f76575a8

    • SHA1

      73a8eaff4cb01bc03826bc90e7bd5f658bf2f5ac

    • SHA256

      1fd92aa46464f8453e33dc7461f80ee7b441f9042e9d0110086226c5f725bd9f

    • SHA512

      233e8d400138a72a2c64dcfcc0212e771c51d49a499e6a607b2b5a6ff4582fef05ebf551380193a5d00f9179e2b431ddc25a7e556a2857704008a4f5d3a2455a

    • SSDEEP

      98304:nXTE4R/w8VGgIW7ZLl3F2xXFHOBe1gORB9O:nXTE4RnQWBl3MgOE

    Score
    10/10
    asyncratplatadiscoveryrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      DEMANDA LABORAL POR ABUSO DE CONFIANZA 01/CI.dll

    • Size

      419KB

    • MD5

      0a703e5ebc5f31028f62e35f9111a55e

    • SHA1

      bdda728cf9c5cac81db4a5672d5e1ebb16334115

    • SHA256

      d25262c519e9846ea54f6c288e210df092cbda43734b2f9b38f97fd12274cf39

    • SHA512

      f53b8b9a820de108571c0dacadbf378f17262041541496bc2a97d9e07a726ebb5bc1f76628cce74b1368b0a2cb5c3500ab3d0b8fa5fabea2b7293a75f802abbe

    • SSDEEP

      12288:/aluwmjhN3joZl5Lv0kMU1qqUMsTzq4nT8pXp:xwmjIv0TWqqk3xT8pXp

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      DEMANDA LABORAL POR ABUSO DE CONFIANZA 01/info.htm

    • Size

      949B

    • MD5

      6642ecfd9abc4c366908d1107ba2514f

    • SHA1

      3420d1750a40ecbc3764810fd9193e855f33078f

    • SHA256

      89a7d58c875458308f86299b03ac99b73cf4fb7a14dbc43c94b4295f12696a7a

    • SHA512

      d5f469b2313510bba79c840c3dec9dff160bf68f48b12f3aaf107472e0f03435bfb2eaa9962b536e27eb66647304d7760e11ef22868bf129f698edbb057c7dc5

    Score
    3/10
    discovery
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks