General
-
Target
Note.zip
-
Size
2.5MB
-
Sample
240424-y246qsgh54
-
MD5
a3d4f1ffa84ca8f25fd2f2d21b60e375
-
SHA1
5d266b85f55eb375e7031f98f2ad21b46f0b68d3
-
SHA256
062918b6e2820ad1177fc2cfb30a91cce6110e763ec6c045e7913f2c5c92a6db
-
SHA512
0d89fe13edc02302ceac27ace83ddfab255cf8a536c72e2c4ac3830bca6369c62b8ff86394bf26d1489e24b050c5a06acb184dbf66da5d892ac0119fb1b3ba8a
-
SSDEEP
49152:DkPAL2ZYMYp0uh9Mw2X72W2iLFAl/NAhmGeonEyT6vHUqNTKbqZNZ6:RLrNhGw2qW2ipa4mcEy2vUqNTKeZNZ6
Behavioral task
behavioral1
Sample
Note.zip
Resource
win10v2004-20240412-en
Behavioral task
behavioral2
Sample
Note/Guna.UI2.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral3
Sample
Note/NoteSpoofer.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral4
Sample
Note/SerialChecker.bat
Resource
win10v2004-20240412-en
Behavioral task
behavioral5
Sample
Note/Xerin.Runtime.dll
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
Note.zip
Score
1/10
-
-
Target
Note/Guna.UI2.dll
-
Size
2.1MB
-
MD5
c19e9e6a4bc1b668d19505a0437e7f7e
-
SHA1
73be712aef4baa6e9dabfc237b5c039f62a847fa
-
SHA256
9ac8b65e5c13292a8e564187c1e7446adc4230228b669383bd7b07035ab99a82
-
SHA512
b6cd0af436459f35a97db2d928120c53d3691533b01e4f0e8b382f2bd81d9a9a2c57e5e2aa6ade9d6a1746d5c4b2ef6c88d3a0cf519424b34445d0d30aab61de
-
SSDEEP
49152:6QNztBO2+VN7N3HtnPhx70ZO4+CPXOn5PThDH2TBeHjvjiBckYf+Yh/FJ3:6Ahck2z
Score
1/10
-
-
Target
Note/NoteSpoofer.exe
-
Size
888KB
-
MD5
03212759dbac99b4548670d8f5a158f3
-
SHA1
27c87c780c480c9894606786eb61addb1a6418fb
-
SHA256
2e31fac191d17a1936de6e722c2fbf68a23fde4a6f4bbf88d9757a8784374d10
-
SHA512
c1770e57a6d36d80a0006c0f2a21a9a4bd08de78a20533350334e5803d0b7b0d935529f369186281c3263547105614010c5f4ac6f35c5aca320a9a5c2be92a39
-
SSDEEP
12288:xVOhaRdWSxwlzoH9I1DnTyMoTDhLPTeeq9CsgWZJE09QZgkUV3NfHO92htLXnj:GaiVU9INboTDUHC3WZ2MkY3Tj
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla payload
-
-
-
Target
Note/SerialChecker.bat
-
Size
1KB
-
MD5
d6a391da8bf56820b880ced246f4dff0
-
SHA1
4530c7a22d7c55a7e87e4014553f3f6e7e14ee38
-
SHA256
ae12f8690d2d876411c8b96efafd4e692b40f9c19ba36758f16775655514acb3
-
SHA512
7d084cbd702f1181022fe85318fa586d47bd352e1eb6f3f319d1607e38684b0db657588c5003ce01762f1ad844c3615dd14a3e83ca4f80a0bca246e735dbebeb
Score
1/10
-
-
Target
Note/Xerin.Runtime.dll
-
Size
1.2MB
-
MD5
2c82e38ac5094b3b0dd41fc50a7b0c04
-
SHA1
b3e811934d5be3a8a639599184b2e07386248b83
-
SHA256
51b6156da6d249d4a855626d7fb5c5cff95ef182a610c72b20aa0fc7b0158654
-
SHA512
d8230e7b42d0f580036d8da12e487b28201ea7ccad2ffe93224574effa9db69e16e432215ff9687b76b28383b259c04e71d3beb833f75b81e4b0a96039e7f787
-
SSDEEP
24576:YMgG5u7AZCpU4jScYfgF/FaBhL0Fb8lUTgCv8B+8U8R:YCiOCpDucYYVb8CvWb
Score
1/10