Resubmissions

02-04-2023 01:42

230402-b43dlafc8z 10

02-04-2023 01:25

230402-bs8q8sfc21 10

General

  • Target

    f_000263

  • Size

    100KB

  • MD5

    52ed29d7705270875a4fc90bcfbeebfc

  • SHA1

    81716e1b0c9f5888618b21e7762f5dc472e0ef16

  • SHA256

    d3644e3b175de5ba44b02e6098bc78cca3fa94ccfee14296f488da9d2273da8e

  • SHA512

    7d00b5e3a2060a4250768f7b906d1acfdcfb8cddd8b9036634c2274161d36b8dcba661d11adf9196158b7553b864cefe45555a5445fd343927fb8e17e36abcc7

  • SSDEEP

    1536:tcDj6aAaKkGC8afCIl/PT0sAmfYoD6761p6Z0GHoZ6f33+rQd3FnkeditHd1M+:C6aIxC8ICGzSoDwoczH5nkF91M+

Malware Config

Signatures

  • AgentTesla payload 1 IoCs
  • Agenttesla family
  • DarkTrack payload 1 IoCs
  • Darkcomet family
  • Darktrack family
  • Detect LockFile payload 1 IoCs
  • Detected Mount Locker ransomware 1 IoCs
  • Detects Surtr Payload 1 IoCs
  • Detects Zeppelin payload 1 IoCs
  • Lockfile family
  • M00nD3v Logger payload 1 IoCs

    Detects M00nD3v Logger payload in memory.

  • M00nd3v_logger family
  • MassLogger log file 1 IoCs

    Detects a log file produced by MassLogger.

  • Masslogger family
  • Matiex Main payload 1 IoCs
  • Matiex family
  • Mountlocker family
  • Shurk Stealer payload 1 IoCs
  • Shurk family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Surtr family
  • Vulturi family
  • Vulturi payload 1 IoCs
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • Zeppelin family

Files

  • f_000263
    .gz
  • sample
    .js