General

  • Target

    2024-04-11-12.zip

  • Size

    1.4MB

  • MD5

    e1ddfadee8f8d4f0211436372c8e3643

  • SHA1

    d2c7fe614d3bb068492e53aa0cdfc5d9dc13164c

  • SHA256

    02730e71f328c1db18bd641ee44c7b6f83f6b48491f46339168e13dd6ebe0e3e

  • SHA512

    eb9e3713409f4e61dfc745f81098eabcc0eb59b392869583da6a72ce8c3428a3109cc10d4728bbd4b428a127049f0dc33f8af7375035bdf38401c3379e46ac7d

  • SSDEEP

    24576:W2o5K6a2hnoSzfj7+D3x6lsRcQzoPm6KzRFbqLnG/c0q1DD6/QZk040X:W28aUoSgisSSoPm6fLG/hpMX

Score
10/10

Malware Config

  • Extracted

    Family

    mirai

    Botnet

    WICKED

  • Extracted

    Family

    agenttesla

    Credentials

Signatures

  • Agenttesla family
  • Mirai family
  • AutoIT Executable 1 IoCs

    AutoIT scripts compiled to PE executables.

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-04-11-12.zip
    .zip

    Password: infected

  • 0037217bc5e80d475d5ccaca01cf024d6bed7210e79efa06575c92d05081bf5e.elf
    .elf linux mipsel
  • 334e2c89c9ee7b4522bbd263cc1fe59065d6a1a21919e11504158266bed762b8.exe
    .exe windows:5 windows x86 arch:x86

    eb97e4fc5518ac300a92a11673825e0b

  • 4e7e2546901dc10eda0b3ec5237250129899018f3464bc33dc626952134435b9.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

  • c5c810beaf075f8fee52146b381b0f94a6e303fada3bce12bcc07fbfa07ba07e.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744