Resubmissions

26/12/2023, 16:22

231226-tvcexscbb9 10

24/12/2023, 13:14

231224-qgpasacabl 10

General

  • Target

    SuperBoo-Protector-cracked-main.zip

  • Size

    2.6MB

  • Sample

    231226-tvcexscbb9

  • MD5

    277c927bc2e7a1a8bb6c2fba0910fe19

  • SHA1

    0faa50b172942693fcf79702943a5b03cf9550e9

  • SHA256

    0adb6afe6f60b030f1447249a28677ab16b52189cbbf36cef48fed22d3ca2776

  • SHA512

    173ef5090df469611b5b744f9bdb47a9efe67d3b2807f1f84421c00bb13dbf1625af1def705519ef874e259fd8c2abcda0b6eddd86c8e77e885e840bc9a5e667

  • SSDEEP

    49152:edngwwHv5VbtHwNxR9Fl/uPugYadTKE1IEEV+FkcoJAN/bisZ8bQZyUlixtecKf:6gNhVRwvm1eOI5+FRgANDhZflqteF

Malware Config

Targets

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in Visual Basic.

    • AgentTesla payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks