General
Target: argon.zip
Size: 4.3MB
Sample: 240407-yz5dqadg38
MD5: 639615314d0be5066a5d99cfdaea02be
SHA1: 6968c74c47f82982ffe15b3dd21f5f952839b279
SHA256: 7509262422cafa1f6333acfa8979f133d0c5eeddc31ff69bbded4a33f8a487fc
SHA512: 5b4ead005bb80d3612ff14e9ce28508f5cb6b5209eb1b7cac5c8a544446df92ae39101ab3efe1e461a5e3de77b941044f41fa81af0ae3fd38fefcfc6f9a078ca
SSDEEP: 98304:ljVusJHsLH/FMWS843fdbMmncHg5B2j1KtsF7ZcZcD3cBOYkdVRj:NEMK43fJJB2ZDH1DsBOYkdVRj

Behavioral tasks
Task | Sample | Resource
behavioral1 | Argon.exe | win7-20240215-en
behavioral2 | Argon.exe | win10v2004-20240226-en
behavioral3 | Authware.dll | win7-20240221-en
behavioral4 | Authware.dll | win10v2004-20240226-en
behavioral5 | Guna.UI2.dll | win7-20240221-en
behavioral6 | Guna.UI2.dll | win10v2004-20231215-en
behavioral7 | Newtonsoft.Json.dll | win7-20240221-en
behavioral8 | Newtonsoft.Json.dll | win10v2004-20240226-en
behavioral9 | System.CodeDom.dll | win7-20240220-en
behavioral10 | System.CodeDom.dll | win10v2004-20240226-en

Malware Config
Targets
Target: Argon.exe
Size: 3.4MB
MD5: 6b69d0e5937d85dce0096deaa29252f1
SHA1: 1ba0c37ba6844faeb07c8021e05bd539fa4b4c1d
SHA256: 37fcfde84cec0c6b88abc35246c39eba163bfb8fdaae2a841c91a6caab129ba6
SHA512: 52e6cc4652890e9d3bf7eae1e0f910ecdd326cab6846f34c71cf27e772f2c677d632aa0d498a2d66f6c90008e25e849fc4d8ce13234278eb605f7abebad1a0d1
SSDEEP: 98304:JsxCGsTt3WdAa8NwC7/1Od2X5fVqtIAuLUf:UCGsTt3Wmz7/1vdVqZnf
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla payload

Target: Authware.dll
Size: 308KB
MD5: 4df8eea193204dec366da1720bc660aa
SHA1: 8110d00a35df3526b61ab1f7fd715a87a777a455
SHA256: bd233b045d913a4cc0e54b461c35bd0a549853ec74c157dbd53a12f0d56dd6da
SHA512: c6ed434d4bf466dca08252383c9f58911187f606a453c08d6b07867fda2db73b800dc7a629afa2b53a91c2c05c8c15e8eb0264c8b4f018433dcf8973ca74aab1
SSDEEP: 3072:2HnHydwxGNQZXyTuPF8DPua/bPtvu3NevKRF8DPua/BPtvs3Nwvue:269QZiM8yadGj8yarc
Score: 1/10

Target: Guna.UI2.dll
Size: 1.9MB
MD5: 1915011997fdb9aa95f15e567f4e6070
SHA1: 40a7853f14d6d4919279965f026d57cf9a104998
SHA256: 952fa59d3d6d8c8c5fad8a1144e5effdf0fa92d58db1fb2a2899faf84c6273ab
SHA512: 5cca71b42ed9dc154e6d5919e7cd93046168781a55c051818157848efc918b2e4dd92f422eb1c47e0940b645ba750facf83bce240748a8170ac8ce0afc9efa90
SSDEEP: 24576:XJXD/hBn13g+Yi9oE7IYbO9ZY/NJdAjED+aE0qUaiIwpHQ/jz2Y:JTIYbGQdAjED+aE0LaiI
Score: 1/10

Target: Newtonsoft.Json.dll
Size: 695KB
MD5: 195ffb7167db3219b217c4fd439eedd6
SHA1: 1e76e6099570ede620b76ed47cf8d03a936d49f8
SHA256: e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d
SHA512: 56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac
SSDEEP: 12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/
Score: 1/10

Target: System.CodeDom.dll
Size: 27KB
MD5: 2a42f86af609dac74fe6c898ccf958e0
SHA1: 88c8065034ee0e4b9f6a3935fd32e541eff39ebc
SHA256: 9dbce659a0ef6fd19709fe1d5b2a78be451daf28000274fcbc1cbe080ce71365
SHA512: cd4e71e91569b0a47bc5f5142b103048960929c5bb29d7c9412e4b5331377d44468e6a07af8b2b766d47ac04a2eb65965e722fba067370a1456f1686dae662ae
SSDEEP: 384:DdgrnDxt3942O1NEIY3lzZIcKBxehzsCtZ7U6r1fDXJx/WpuWa/uPHRN7u7c+luh:JgXxtu5jEIYDhzZpmeMu7cH
Score: 1/10