Overview

overview

10

Static

static

3

DEMANDA LA...ZA.exe

windows7-x64

10

DEMANDA LA...ZA.exe

windows10-2004-x64

10

DEMANDA LA...CI.dll

windows7-x64

3

DEMANDA LA...CI.dll

windows10-2004-x64

3

DEMANDA LA...fo.htm

windows7-x64

3

DEMANDA LA...fo.htm

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1604e41e4c05ccdd3a0d2999e96a48b6.XZ

  • Size

    1.8MB

  • Sample

    241124-fdy1psvlay

  • MD5

    1604e41e4c05ccdd3a0d2999e96a48b6

  • SHA1

    61391fdb3abbf8caaf7b7ad95f5f7839d62ae285

  • SHA256

    f8f21c80d14ace60ba46fd0d5c54de1615d58f6bba7d10d6c0e019e6db4e7d4b

  • SHA512

    28c1041e5244d654a6f6058a96adb3da277333e1173afd4082fbed5942b0fa37cba558281869230672a5403ada708a1c9a340c1bd448325693609b90fd0051b1

  • SSDEEP

    49152:IA/xN4hJUfxJ/JzTXE/jC1/IPxbDBGfQrqO1:n/xO4fxb4LC1IPNXrD1

Score
10/10
asyncratplatadiscoveryrat

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

PLATA

C2

powerupsnew.dynuddns.com:7474

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      DEMANDA LABORAL POR ABUSO DE CONFIANZA 01/01 DEMANDA LABORAL POR ABUSO DE CONFIANZA.exe

    • Size

      4.6MB

    • MD5

      ae2a273bd3297d0abe74f940f76575a8

    • SHA1

      73a8eaff4cb01bc03826bc90e7bd5f658bf2f5ac

    • SHA256

      1fd92aa46464f8453e33dc7461f80ee7b441f9042e9d0110086226c5f725bd9f

    • SHA512

      233e8d400138a72a2c64dcfcc0212e771c51d49a499e6a607b2b5a6ff4582fef05ebf551380193a5d00f9179e2b431ddc25a7e556a2857704008a4f5d3a2455a

    • SSDEEP

      98304:nXTE4R/w8VGgIW7ZLl3F2xXFHOBe1gORB9O:nXTE4RnQWBl3MgOE

    Score
    10/10
    asyncratplatadiscoveryrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      DEMANDA LABORAL POR ABUSO DE CONFIANZA 01/CI.dll

    • Size

      419KB

    • MD5

      0a703e5ebc5f31028f62e35f9111a55e

    • SHA1

      bdda728cf9c5cac81db4a5672d5e1ebb16334115

    • SHA256

      d25262c519e9846ea54f6c288e210df092cbda43734b2f9b38f97fd12274cf39

    • SHA512

      f53b8b9a820de108571c0dacadbf378f17262041541496bc2a97d9e07a726ebb5bc1f76628cce74b1368b0a2cb5c3500ab3d0b8fa5fabea2b7293a75f802abbe

    • SSDEEP

      12288:/aluwmjhN3joZl5Lv0kMU1qqUMsTzq4nT8pXp:xwmjIv0TWqqk3xT8pXp

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      DEMANDA LABORAL POR ABUSO DE CONFIANZA 01/info.htm

    • Size

      949B

    • MD5

      6642ecfd9abc4c366908d1107ba2514f

    • SHA1

      3420d1750a40ecbc3764810fd9193e855f33078f

    • SHA256

      89a7d58c875458308f86299b03ac99b73cf4fb7a14dbc43c94b4295f12696a7a

    • SHA512

      d5f469b2313510bba79c840c3dec9dff160bf68f48b12f3aaf107472e0f03435bfb2eaa9962b536e27eb66647304d7760e11ef22868bf129f698edbb057c7dc5

    Score
    3/10
    discovery
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks