General

  • Target

    f_005d77

  • Size

    100KB

  • MD5

    52ed29d7705270875a4fc90bcfbeebfc

  • SHA1

    81716e1b0c9f5888618b21e7762f5dc472e0ef16

  • SHA256

    d3644e3b175de5ba44b02e6098bc78cca3fa94ccfee14296f488da9d2273da8e

  • SHA512

    7d00b5e3a2060a4250768f7b906d1acfdcfb8cddd8b9036634c2274161d36b8dcba661d11adf9196158b7553b864cefe45555a5445fd343927fb8e17e36abcc7

  • SSDEEP

    1536:tcDj6aAaKkGC8afCIl/PT0sAmfYoD6761p6Z0GHoZ6f33+rQd3FnkeditHd1M+:C6aIxC8ICGzSoDwoczH5nkF91M+

Malware Config

Signatures

  • AgentTesla Payload 1 IoCs
  • Agenttesla family
  • DarkTrack Payload 1 IoCs
  • Darkcomet family
  • Darktrack family
  • Detect LockFile Payload 1 IoCs
  • Detected Mount Locker ransomware 1 IoCs
  • Lockfile family
  • M00nD3v Logger Payload 1 IoCs

    Detects M00nD3v Logger payload in memory.

  • M00nd3v_logger family
  • MassLogger log file 1 IoCs

    Detects a log file produced by MassLogger.

  • Masslogger family
  • Matiex Main Payload 1 IoCs
  • Matiex family
  • Mountlocker family
  • Shurk Stealer Payload 1 IoCs
  • Shurk family
  • StormKitty Payload 1 IoCs
  • Stormkitty family

Files

  • f_005d77
    .gz
  • sample
    .js