Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

NOTIFICACI...DA.exe

windows7-x64

10

NOTIFICACI...DA.exe

windows10-2004-x64

10

NOTIFICACI...e4.dll

windows7-x64

3

NOTIFICACI...e4.dll

windows10-2004-x64

3

NOTIFICACI...i4.dll

windows7-x64

3

NOTIFICACI...i4.dll

windows10-2004-x64

3

NOTIFICACI...k4.dll

windows7-x64

3

NOTIFICACI...k4.dll

windows10-2004-x64

3

NOTIFICACI...l4.dll

windows7-x64

3

NOTIFICACI...l4.dll

windows10-2004-x64

3

NOTIFICACI...rn.dll

windows7-x64

3

NOTIFICACI...rn.dll

windows10-2004-x64

3

NOTIFICACI...00.dll

windows7-x64

3

NOTIFICACI...00.dll

windows10-2004-x64

3

NOTIFICACI...00.dll

windows7-x64

3

NOTIFICACI...00.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    90c745723c1e6ce2a1055c9f47fbe014.001

  • Size

    8.8MB

  • Sample

    241206-h7tn7awnav

  • MD5

    90c745723c1e6ce2a1055c9f47fbe014

  • SHA1

    85c264ff98bf87f02352fdada65c37612206f958

  • SHA256

    5ddbfa6323462c207f8a4526c4c5b7fe72faaff96d97f731c01f2c8603e70c1e

  • SHA512

    63c43d71b932bd0aa908c67cac9254fe2ab9c507e50a619139518df43adb5489d77b7aaacc5c1b5d11b22a4e49a705d5d52e9ab52ffa5234aed84b9f5961fc3b

  • SSDEEP

    196608:CGIHaqoCO/0VACiPVGSWIIaiVP5fCa5hpwqVmPNvR7a4d1FakIssKJ38w:CGI+COAti0SDi55fnpwqVmPNJuG0RO3H

Score
10/10
asyncratdefaultdiscoveryrat

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

envier45w.duckdns.org:3030

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      NOTIFICACION ELECTRONICA DEMANDA JUZGADO PENAL/00-NOTIFICACION DEMANDA.exe

    • Size

      6.2MB

    • MD5

      11c8962675b6d535c018a63be0821e4c

    • SHA1

      a150fa871e10919a1d626ffe37b1a400142f452b

    • SHA256

      421e36788bfcb4433178c657d49aa711446b3a783f7697a4d7d402a503c1f273

    • SHA512

      3973c23fc652e82f2415ff81f2756b55e46c6807cc4a8c37e5e31009cec45ab47c5d4228c03b5e3a972cacd6547cf0d3273965f263b1b2d608af89f5be6e459a

    • SSDEEP

      98304:u4bRxuHuFP2rHLpHPA477yNRgoPbfnRROWR721LYfs17u0kcFrXLEJfwY:u4NxuOFI1AEyrbf/52BYfs1LkcFrXL+X

    Score
    10/10
    asyncratdefaultdiscoveryrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      NOTIFICACION ELECTRONICA DEMANDA JUZGADO PENAL/QtCore4.dll

    • Size

      2.5MB

    • MD5

      8ebb374efdaf4d5a31d1f90ac9fc0ad6

    • SHA1

      1e4afb511f6b520449683abd5d3777d1cd7c93b7

    • SHA256

      e7f07649dcd0005d4b0c41ce9f7d59d22a409fbd0f22c122391ebfa3707bf36f

    • SHA512

      71b4c55ef5cd66aa206840003212d9bbcc2b98a050a90218c1d2fea3fea5e5a1fd5b110500e5fd5dcf6d9bbbe697474146f44519b7f36e4386564094cd21e4fd

    • SSDEEP

      49152:WTFgiFpGXOENKngjGkJsv6tWKFdu9C6TELyvL/6mShMZtmjNUVrciV5P+7QVg07K:W+iDajjxJsv6tWKFdu9CZgfZ

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      NOTIFICACION ELECTRONICA DEMANDA JUZGADO PENAL/QtGui4.dll

    • Size

      8.2MB

    • MD5

      831ba3a8c9d9916bdf82e07a3e8338cc

    • SHA1

      6c89fd258937427d14d5042736fdfccd0049f042

    • SHA256

      d2c8c8b6cc783e4c00a5ef3365457d776dfc1205a346b676915e39d434f5a52d

    • SHA512

      beda57851e0e3781ece1d0ee53a3f86c52ba99cb045943227b6c8fc1848a452269f2768bf4c661e27ddfbe436df82cfd1de54706d814f81797a13fefec4602c5

    • SSDEEP

      98304:YxRJATZlLne1/cF6ZWHxD1HFH+J+70msIWeiLtRgi3d4PJpTcSqxyr:YxiZBG2xpljTcJy

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      NOTIFICACION ELECTRONICA DEMANDA JUZGADO PENAL/QtNetwork4.dll

    • Size

      1.0MB

    • MD5

      8a2e025fd3ddd56c8e4f63416e46e2ec

    • SHA1

      5f58feb11e84aa41d5548f5a30fc758221e9dd64

    • SHA256

      52ae07d1d6a467283055a3512d655b6a43a42767024e57279784701206d97003

    • SHA512

      8e3a449163e775dc000e9674bca81ffabc7fecd9278da5a40659620cfc9cc07f50cc29341e74176fe10717b2a12ea3d5148d1ffc906bc809b1cd5c8c59de7ba1

    • SSDEEP

      12288:m+PpRNPe4+DZFvnwJ9o+Hllp59K03AskvvukLosiLHrv7F0YmIYunuGS:m+hRCZhwY+Hllp59OHvfo7HrCYmItnC

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      NOTIFICACION ELECTRONICA DEMANDA JUZGADO PENAL/QtXml4.dll

    • Size

      348KB

    • MD5

      e9a9411d6f4c71095c996a406c56129d

    • SHA1

      80b6eefc488a1bf983919b440a83d3c02f0319dd

    • SHA256

      c9b2a31bfe75d1b25efcc44e1df773ab62d6d5c85ec5d0bc2dfe64129f8eab5e

    • SHA512

      93bb3dd16de56e8bed5ac8da125681391c4e22f4941c538819ad4849913041f2e9bb807eb5570ee13da167cfecd7a08d16ad133c244eb6d25f596073626ce8a2

    • SSDEEP

      6144:6gdDO1NTI8ew+Rh9CY8gjvXQ0AObEL9gqIL:6gda1FI8V+f9FFzA1IL

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      NOTIFICACION ELECTRONICA DEMANDA JUZGADO PENAL/StarBurn.dll

    • Size

      654KB

    • MD5

      f75225db13e3b86477dc8658c63f9b99

    • SHA1

      6ffd5596fd69e161b788001abab195cc609476cf

    • SHA256

      4286cf3c1ed10b8d6e2794ab4ed1cfcded0ea40d6794016ce926cd9b547c6a00

    • SHA512

      07dee210de39e9f303bb72558c4b2aeb5de597638f0a5bfdcbe8f8badfb46a45f7a1518726d543f18682214668d22586299159e2c3947a9285990867bc457327

    • SSDEEP

      12288:1/gzbnbASodCXNn5FJX5KrN9VmoBBDFDn8j:FRSoSn5FJX5KZ9VmoDKj

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      NOTIFICACION ELECTRONICA DEMANDA JUZGADO PENAL/msvcp100.dll

    • Size

      411KB

    • MD5

      03e9314004f504a14a61c3d364b62f66

    • SHA1

      0aa3caac24fdf9d9d4c618e2bbf0a063036cd55d

    • SHA256

      a3ba6421991241bea9c8334b62c3088f8f131ab906c3cc52113945d05016a35f

    • SHA512

      2fcff4439d2759d93c57d49b24f28ae89b7698e284e76ac65fe2b50bdefc23a8cc3c83891d671de4e4c0f036cef810856de79ac2b028aa89a895bf35abff8c8d

    • SSDEEP

      12288:iHEqYsrMWIqz473PTiPoH/aGhUgiW6QR7t5qv3Ooc8UHkC2eKq87:iH9YsIWIW4rPTiPofaDv3Ooc8UHkC2e8

    Score
    3/10
    discovery
    behavioral13behavioral14

    • Target

      NOTIFICACION ELECTRONICA DEMANDA JUZGADO PENAL/msvcr100.dll

    • Size

      752KB

    • MD5

      67ec459e42d3081dd8fd34356f7cafc1

    • SHA1

      1738050616169d5b17b5adac3ff0370b8c642734

    • SHA256

      1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067

    • SHA512

      9ed1c106df217e0b4e4fbd1f4275486ceba1d8a225d6c7e47b854b0b5e6158135b81be926f51db0ad5c624f9bd1d09282332cf064680dc9f7d287073b9686d33

    • SSDEEP

      12288:fQmCy3NeRjkpQmj3oaMtQqjoygfXq3kon9IlbgaOxQdVJJ6j5EBKX8hR5:ImCy3VQs9MtLjTgfa3kon9FaOdEz5

    Score
    3/10
    discovery
    behavioral15behavioral16

MITRE ATT&CK Enterprise v15

Tasks