agenttesla | 123840c0d58f465fd97e1f7d10ec5d1568be311d831730f4dbcade25660f4e05

Sharing

Copy URL

Twitter E-mail

General

Target

XWorm v5.1-5.2.rar
Size

59.1MB
Sample

240501-bmw59acd3y
MD5

298d0b235e0571529565a8a3bd10a210
SHA1

f5e447e08cd137ffaee7be99b2d2958ea4abc2db
SHA256

123840c0d58f465fd97e1f7d10ec5d1568be311d831730f4dbcade25660f4e05
SHA512

9657ca3ae2a1620a34fb39f0117721e598f3fa4545c2fc1dd2af31e434a29b5ec4f945380b0d1dbd0cb14ccbe21f66f3b34dc2b8df9470bed9de6da012a114e6
SSDEEP

1572864:i03+stamViG3rfi3xFS4CmsV9B3gKnVCpN4rfi3xg3PnjmH:FuRmomzimmIwACX4zicPSH

Score

10^/10

Malware Config

Targets

- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/HiddenApps.dll
- Size
  
  45KB
- MD5
  
  c5efa70a04a026b9a2fa97b1ea43e840
- SHA1
  
  aab2de0ab74c12e04256ff2b113b062dc93179e6
- SHA256
  
  f9ef7709f34e944d99ca5bef6af1524d7cf3889894084b7ae61e9202f267a728
- SHA512
  
  1348d4ebd3ac5b56eb32820ee14f9aee20a43b7dc3d06dd7fd62c8f227b12a27d0c0376c7d858e78315cd92d17e588bc2e37648c04d146530db706e8b3c4ff1d
- SSDEEP
  
  768:zy37gsdDvMZ9+rdm2KExqbMYRQpWk/x0qqBi3X/G0gpfN3ff2oA:idDvML+r/rqbMYRQpl/x5qI/dEdX2J
Score

1^/10
behavioral1 behavioral2
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/Informations.dll
- Size
  
  22KB
- MD5
  
  310ba7a07953ed7f783e89bcff6197e3
- SHA1
  
  147aa53e0d7cb027e6c67fa50fcb0dc0c770e157
- SHA256
  
  b10616eb3f5e4b0ceffc696179cdb616c78ef970dedbac10845a39985c91a38a
- SHA512
  
  554ead0f700dd617eed6055a84ecad288c4779ab20206e7434a8f3443a03a95a501014cd52390eb57570c25ea2bd7a298b96e88e8550d10b2a5db4f9633af529
- SSDEEP
  
  384:24svJAz5thUNHcxxypeGQ/0n3TmyxhxJNSLSg4RjjoZ:24suz/LypeGQEjfNSQM
Score

1^/10
behavioral3 behavioral4
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/Keylogger.dll
- Size
  
  17KB
- MD5
  
  40ba99b80654259d0428c7e4f3645948
- SHA1
  
  8fa93e0f035694cd8e420aa2232aca859b3a2a6b
- SHA256
  
  3361bb2309e4ee31f14081bc170ac530e2ae9d1336026e736190a0304e2e77e4
- SHA512
  
  fc1deb29eea114e5a472102a51d49fa253a5c79821acffa930b30089ebecec4312437d4720b46e92149be2ce69aed57dc3939621a596ed6c413397363fa44ee7
- SSDEEP
  
  192:uCK9HKDyS0+NKdUxEIj1aq8fgYO1Lnq4Ur1XneDN6IW1Y6Up91KNN10UbnnSL2CV:K5Oe+4dw1IDMO4U5uD8Upih0yZCV
Score

1^/10
behavioral5 behavioral6
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/Maps.dll
- Size
  
  15KB
- MD5
  
  b74f037f6c6de44e817660922a3044fc
- SHA1
  
  eb5acc30d3f607193bd819e8c0cdaaf70295c5b4
- SHA256
  
  ccb32961b904a22c2531313ed7c3733d7288daab181074f034eb4c73a0958a65
- SHA512
  
  a547961b87ecdbc0f9bf02381f16e03795dc73eda744a86da2cc07c97d7f1b65642971347d1ca69f36ead63c3b9078b6e0f2ecb4b6f2178a3b9a62f3ffb76579
- SSDEEP
  
  384:/HC+Q4WPRdJElcjp8J4jtepa9BX/bS9E2:/HCbRdWle2C5x/u6
Score

1^/10
behavioral7 behavioral8
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/MessageBox.dll
- Size
  
  15KB
- MD5
  
  bde9c12607827e21c64e1d64033043b5
- SHA1
  
  d980614dda65f1f4c3a73d1f9c8162e597fcac4e
- SHA256
  
  2170fe155b56e362500ece32013bbf8d45d5dc93e689ab33d3612066c7450f75
- SHA512
  
  e015d9b915b748d1683c18621919161f9d495221c9bf788b661e3eeab60320ee0b0d9d64a393fafa47b521b484f0af2c9948f6dac0a9b7ef1e8910571e7e98eb
- SSDEEP
  
  192:kpDQ4tBCjRD6W2Y7gF/OF2glT/9r169G3m6IW1mX/j0rsVHvJsJtDdZKML2vW9:0QcRW2UVT/95gG3UX/j0ZyvW9
Score

1^/10
behavioral10 behavioral9
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/Microphone.dll
- Size
  
  540KB
- MD5
  
  747554e4ca902a8d18b797c2edcb43ed
- SHA1
  
  508d7c9f0b031a352a1a1f25d4c6abf4167392d5
- SHA256
  
  1f135bc57ea4f44bf8a37d66b42788bed5aba753c5cbd0b4d3349ede64abfc59
- SHA512
  
  deb3f480dc7febb1d9ff4ccdb1dd04d83e9fbe7e74fb0dd39d103dbe85fa0c434407ab032e9bca027e38a0f482d08308513cd821b09dc08aafafd905e97126fd
- SSDEEP
  
  6144:yF8i30ykMPoxBemtSQvAVYm8Ou/JgtKMV6fb78+Ommg8YCQ18aFgRWAdoYCY8gQg:uP32emtLAV8OXebgreL7AwuaruedUB
Score

1^/10
behavioral11 behavioral12
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/Ngrok-Disk.dll
- Size
  
  7.0MB
- MD5
  
  4443f2173682ef836df2f89e1b44296e
- SHA1
  
  1b0db6530eb5c5404af614143f464d663382c2e4
- SHA256
  
  01e170bc479dc22cec4658a39067e001a72a974a4e562aca01162f82decd20b6
- SHA512
  
  7bb8df753fc3636d3b01f2145c1df553b34a427a9e07d4c563a1fb2e23480ba2d609658d6ca2c4deaa386feff8af741397a3cbdb15c28157c4cf4ba8244fb61f
- SSDEEP
  
  196608:+CsxED7kwTV6B/nCR7+AA3e5MryK5Rj1Bpw7Vdjz8wEO+Dl:+TED7/VEqt/A3TryARj1BpwLktl
Score

1^/10
behavioral13 behavioral14
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/Options.dll
- Size
  
  30KB
- MD5
  
  b0ebfc762fd2a7511e819336524551ea
- SHA1
  
  b3657c8edc6b9231d16b49bec11f01983d965495
- SHA256
  
  bf2978e31b7a1612255ff79217481374ea2ae976c2b8c270ec3eb5324251d8d7
- SHA512
  
  2adfff3089ac551ba057f2b4b2d208255a4558abb2761b39fd9cc10f37313386fdc1307fffb80777e0a1b6c1d1dbabf61b26cbff8592e77f982453679145822d
- SSDEEP
  
  768:DLxkuz7dDWH839iybgkf/sGRNW9s9dhjcI:DLNHqUPbgQsGRNW9s9
Score

1^/10
behavioral15 behavioral16
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/Pastime.dll
- Size
  
  17KB
- MD5
  
  178627a4b30c54d20e5a59049b5af211
- SHA1
  
  5ae226eb92df19cb693764509b953bf1dbfeffcd
- SHA256
  
  c3ffa5aedbfe2c83e68d7b70afd1adb590801da429c3a5d4fd6da18116ab0cc9
- SHA512
  
  75e9684378f5155f228a75c03cb517257e7e04cddf9762e7e5b348f7b30482a9c750cb0285e28279dc9ef740c3ce759e4ebfb4e3efddd094daab7eb3bdf713c8
- SSDEEP
  
  384:zEoxsRLvyUi4U4R7XonhJAH+epi5zOY7//Zl3sA8/fT1:zEoKVvri4UA7YnEnwr/8A8/fh
Score

1^/10
behavioral17 behavioral18
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/Performance.dll
- Size
  
  16KB
- MD5
  
  d447b98bf277020e48a04d2771b190ba
- SHA1
  
  a9b312d1d858e06156eecab2cd97d246a37822e8
- SHA256
  
  57af9bb212361e2dbfe97a784beb2f978426b42f9ea0986f74c8fbfebb630f13
- SHA512
  
  8c58bf90c5433005d7e3c8a871171dd5fbc558947d5ce387351fa7625ed6bf2a6b72afa91f8d3c7243c5e950467855838f27b6356266074321204347cded15a1
- SSDEEP
  
  384:+fCyikE3df5r1XTgOw2QxHN7yVpBKUqa:xdx5DKHClJ
Score

1^/10
behavioral19 behavioral20
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/ProcessManager.dll
- Size
  
  17KB
- MD5
  
  12630688eb6538b34e5a392cde76ec09
- SHA1
  
  add2c24ef79657f47693995b1ddb2c760520670a
- SHA256
  
  8dbffc8d2928cc2fe3dc67b071619419bd4e21506bf8d8b66bbdef54101953d3
- SHA512
  
  24da487f34fbad245f64f86b88db8c61041e80956c2befe859903ece46905ded09e90e08f2d148316947dde8a4990bd1c944ad36a96930b197769dab025689e0
- SSDEEP
  
  384:KdfDSm8iGh5I84ZQsCH97/Y5gLCEYptkpnrDhDK4TkAvfsxfZLnVb:KdfDV8iwmyhlYATkAv0H
Score

1^/10
behavioral21 behavioral22
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/Programs.dll
- Size
  
  13KB
- MD5
  
  c730d22a23fb8ec58f51116e54ac4cc4
- SHA1
  
  45c4b19479d6e58736630db5405dd58450a601dc
- SHA256
  
  4bfe2b70271956dbcf08086ff04bc36a23928d974469ffeaca97ed5ad5b6dcfb
- SHA512
  
  da5d553e1e470958db4565699f0d2a58c9ab8a653b34003fd33758ed85f1a4f3c027064fcd0c24dae3ba88f7adc22f9b45ff55c22e2b29cbc0cf8f0b7293f7db
- SSDEEP
  
  384:WA3FIPiu78UTyGS7dnTu5lYTX/1geEedNtb:WA3Mr78UTy5BTp/1sKn
Score

1^/10
behavioral23 behavioral24
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/Ransomware.dll
- Size
  
  20KB
- MD5
  
  e55dfe70871fb442f8b8eea790875a7c
- SHA1
  
  0f659147ad89de0dadca9d74abb0854ec64ae403
- SHA256
  
  b0ccb9a2bef7fd24d7f31bb70a8516129a099b47d2564f9f18cb0d87144fc5da
- SHA512
  
  daf5fc4a89d841a04b2b6fd8e516d7efa3baa08710af6ff85c57771d99a2ee07da4c2482baed9ecdae54e3eca2d840341ee3371a826cf26fb180dfba864e63a8
- SSDEEP
  
  384:XVSO27QJHvpebFn0LC9Tk7ff2ji+ZMuqI+sHY4k7ENeEDuQZh:XVm7Q1vpebF0LC9TqH2Mj74tqg
Score

1^/10
behavioral25 behavioral26
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/Recovery.dll
- Size
  
  1.1MB
- MD5
  
  be590ee7d8c0366cc28c200308ba0823
- SHA1
  
  0fa6c6ca44893c45f115e446566f0d4dcf5168d6
- SHA256
  
  a81e4efc2c85a4f8fed46b9b0f3bd3c2a750a3047ae7ce5b29f21df52d85dfbb
- SHA512
  
  cbbb4c62d703bf8dd0e0e34b438401710c1bd62c82f71060483f4a84dfaa802a9b0d39b904d6f77cf4ef0b630f173f66f349497d53a6039c640e0f4301e26041
- SSDEEP
  
  12288:M2uX3iDoOeiWYcW3GFNFfcaFeFOFwcGF6cmFWc0FWc8cIcKcUFJFpcNcHc7cbchk:PNeiWYtc/5/jbOE8ULrFmCCo
Score

1^/10
behavioral27 behavioral28
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/Regedit.dll
- Size
  
  15KB
- MD5
  
  d92b2e7472ec9cb8b803bc039558c828
- SHA1
  
  0ca9e950b5ef64e3cdd23a31a2b51ad2b82581de
- SHA256
  
  1989885e6f4f459b4ef37ab11e97ffe8c1598a8189eb3a4110f259357af2414f
- SHA512
  
  ef4ded6ae8349a58a0745aa55ad96530d028f8137437124b02a80b332e2801447dde2e6e908e48151ee7102868676ef435fe5ecf0ebd980f497435e58e599171
- SSDEEP
  
  384:1Ak743gHOThJ1ACZMDqYpmewuYvpYrQrfKr9A8/Pj9eZ:1AY4t1AyMD6zY0+A8/P8
Score

1^/10
behavioral29 behavioral30
- Target
  
  XWorm v5.1-5.2/XWorm/XWorm V5.2/Plugins/RemoteDesktop.dll
- Size
  
  18KB
- MD5
  
  f4e00005c72b4331eb0e9243346d3e1d
- SHA1
  
  f8afb37fc362430b4045cd2f22e5a5cdaca43ace
- SHA256
  
  9bcf8dfc92bc643b9414a446da4632050de1b7577fedf4f7711d3b4b3d46e06d
- SHA512
  
  7e9be2c2a247a7ee067b156062098a2494113ca935c83a6c8723ee2fe3b7ae15ce5addac5630b8aaba9b12d52896127609f8d7974bb622b79d9a8dddd6c7a155
- SSDEEP
  
  384:174NEKdUoIdAsQh8onN4dtKSbjt9l/C6m5YxBdJbqJtjS1:1742LJ5E8oyuOJBLSjK
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32