agenttesla | f_000263

Resubmissions

02-04-2023 01:42

230402-b43dlafc8z 10

02-04-2023 01:25

230402-bs8q8sfc21 10

Sharing

Copy URL

Twitter E-mail

General

Target

f_000263
Size

100KB
MD5

52ed29d7705270875a4fc90bcfbeebfc
SHA1

81716e1b0c9f5888618b21e7762f5dc472e0ef16
SHA256

d3644e3b175de5ba44b02e6098bc78cca3fa94ccfee14296f488da9d2273da8e
SHA512

7d00b5e3a2060a4250768f7b906d1acfdcfb8cddd8b9036634c2274161d36b8dcba661d11adf9196158b7553b864cefe45555a5445fd343927fb8e17e36abcc7
SSDEEP

1536:tcDj6aAaKkGC8afCIl/PT0sAmfYoD6761p6Z0GHoZ6f33+rQd3FnkeditHd1M+:C6aIxC8ICGzSoDwoczH5nkF91M+

Score

10^/10

infostealer miner agenttesla darktrack lockfile m00nd3v_logger matiex shurk stormkitty surtr vulturi zeppelin masslogger mountlocker xmrig darkcomet

Malware Config

Signatures

AgentTesla payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/sample	family_agenttesla

Agenttesla family
agenttesla

DarkTrack payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/sample	family_darktrack

Darkcomet family
darkcomet
Darktrack family
darktrack

Detect LockFile payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/sample	family_lockfile

Detected Mount Locker ransomware 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/sample	RANSOM_mountlocker

Detects Surtr Payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/sample	family_surtr

Detects Zeppelin payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/sample	family_zeppelin

Lockfile family
lockfile

M00nD3v Logger payload 1 IoCs

Detects M00nD3v Logger payload in memory.

infostealer

Processes:

resource	yara_rule
static1/unpack001/sample	m00nd3v_logger

M00nd3v_logger family
m00nd3v_logger

MassLogger log file 1 IoCs

Detects a log file produced by MassLogger.

Processes:

resource	yara_rule
static1/unpack001/sample	masslogger_log_file

Masslogger family
masslogger

Matiex Main payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/sample	family_matiex

Matiex family
matiex
Mountlocker family
mountlocker

Shurk Stealer payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/sample	shurk_stealer

Shurk family
shurk

StormKitty payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/sample	family_stormkitty

Stormkitty family
stormkitty
Surtr family
surtr
Vulturi family
vulturi

Vulturi payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/sample	family_vulturi

XMRig Miner payload 1 IoCs

miner

Processes:

resource	yara_rule
static1/unpack001/sample	family_xmrig

Xmrig family
xmrig
Zeppelin family
zeppelin

Files

f_000263
.gz
sample
.js