General

  • Target

    PROCESO JURIDICO Y RECAUDO LEGAL, RADICADO 9765241031.rar

  • Size

    1.1MB

  • Sample

    250117-sa9z1stjdj

  • MD5

    98340bcc893ba6b65d112692c993cc18

  • SHA1

    b2136a40e8418a3b353ae8599d23d4eeba0d9ad3

  • SHA256

    4e3049ad897b225686bb79b705e418fb12ef55e9eea8f4ece2fa30f8b7841123

  • SHA512

    937e1c58633cc2ba45b12092508b20b6b7dcfacaabef753d7a799fee936e94bd79fa6a6db7137ad3364811f76d977fbb9b54cfcee3b273c09c5c53101420dabf

  • SSDEEP

    24576:ZS5uFDwdw/8sgsNTx3JqDS+tlbjWXHD6FDbRDvfl7:ZS4Ce5gWTNkDSK2XHqNDvB

Malware Config

Extracted

Family

asyncrat

Version

0.5.7A

Botnet

SERVERVIOLENTO

C2

violenr.duckdns.org:6606

Mutex

uuooxuxbnkywum

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      PROCESO JURIDICO Y RECAUDO LEGAL, RADICADO 9765241031.exe

    • Size

      1.2MB

    • MD5

      668187af1077315205b0281187a07dc0

    • SHA1

      9fb038359cef0774def7da98bd67e65025310250

    • SHA256

      71ca53bb1d956d054fb9e6873d8a1011d48d26f7e71559437cc7fc21558616f1

    • SHA512

      3fb90a57f61340b73902d5ce3a1a0b5d2c99dab66efa100b63617816317724f90c11b6ad8ff6d1835347553eb4c57977cfe736ddcaae68de0078e41127a49d2f

    • SSDEEP

      24576:NKDRPgRPcAYPZV6PSItR0SfquORSxMqv8I4bDAl96+gTk8soBt:o2PQ2PSItufRwMEFr6fTH9

    • AsyncRat

      AsyncRAT, written in C#, is designed to remotely monitor and control other computers.

    • Asyncrat family

    • Drops startup file

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks