Resubmissions

20-07-2022 10:06

220720-l44xjaeehl 10

18-07-2022 10:42

220718-mrst6scffl 10

General

  • Target

    4d96609c79409d956dca3fd90b0e5875bbf4d8ed878c3fc05e3f4e1fc6428c55.bin

  • Size

    379KB

  • MD5

    a63817703de8f1c52e0620daa6029df2

  • SHA1

    4f0354cddf9bc591bd918744bf2b513a9ffea689

  • SHA256

    4d96609c79409d956dca3fd90b0e5875bbf4d8ed878c3fc05e3f4e1fc6428c55

  • SHA512

    e2db856d7552c89c8340b2a19ae0df055b846f7418a2eb11ddd8150edaf2ca9560d95d16d27fa27cd4be77dc76f65fd0ab8a4180097deec1746a6661edd1617e

  • SSDEEP

    3072:GAPcGgwq/tjjpYzDwf/NI5AwOCinDoRzD0SfOmtIpxwW7203Wkt42d4p722:BLqGDMsAZdK0Oa9ho722

Malware Config

Extracted

Family

joker

C2

https://flashdownloadserver.oss-cn-hongkong.aliyuncs.com

Signatures

  • AgentTesla payload 1 IoCs
  • Agenttesla family
  • DarkTrack payload 1 IoCs
  • Darkcomet family
  • Darktrack family
  • Detect LockFile payload 1 IoCs
  • Detected Mount Locker ransomware 1 IoCs
  • Joker family
  • Lockfile family
  • M00nD3v Logger payload 1 IoCs

    Detects M00nD3v Logger payload in memory.

  • M00nd3v_logger family
  • MassLogger log file 1 IoCs

    Detects a log file produced by MassLogger.

  • Masslogger family
  • Matiex Main payload 1 IoCs
  • Matiex family
  • Mountlocker family
  • Shurk Stealer payload 1 IoCs
  • Shurk family
  • StormKitty payload 1 IoCs
  • Stormkitty family

Files

  • 4d96609c79409d956dca3fd90b0e5875bbf4d8ed878c3fc05e3f4e1fc6428c55.bin
    .js