Extracted

• • Target

    9566d114c21b49a11275b58e47c8d3ca416e31f3146dc06dd674f5537f2d54e2.rar

  • Size

    664KB

  • MD5

    3a4f873789223eb401d926d968667abc

  • SHA1

    50916ef357ed21411d87a6bb236a72c78d1498fe

  • SHA256

    9566d114c21b49a11275b58e47c8d3ca416e31f3146dc06dd674f5537f2d54e2

  • SHA512

    8cbff38be7bcaa7440a4436bc19b94cf3ad5a21767732742a783671bb260c8efe1b770fd52a375ea46ffdeef83e058640ad061ccefd07c13acf7584c2fd77b76

  • SSDEEP

    12288:torxUSm4IYHPE/7c3NhzkfLA7+EvgWQYUdHc7gDa0igowji4zPfZzUiJ3IX:utmQMGNqLg+SfUd3eDgo+tzEX

  Score

  3^/10
  behavioral1behavioral2

• • Target

    YILMAZ - Turkey_0058118592 - VANTUZ.pdf.exe

  • Size

    1.1MB

  • MD5

    a5c9fbb82ba442c54ec490f8e7211195

  • SHA1

    87c51e39b5f066cf8d1cc4dc428a95e0021503eb

  • SHA256

    498f04d4b87ac4306d90f28eb28f250d33b4d8d6c573feb6ddc09dc1cf0b678d

  • SHA512

    a782a15a8a0438cca4e900a59ad8b2f8c17e16aaf410731e6a20d97aae6c8dafcffb229b3c2164f34afc87f2105255cc4999186f7802876804fa1c7570849192

  • SSDEEP

    24576:BqDEvCTbMWu7rQYlBQcBiT6rprG8aWlPTFhyjICNe:BTvC/MTQYxsWR7aWlPwr

  Score

  10^/10

  agentteslazgratkeyloggerpersistenceratspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Detect ZGRat V1

  • ZGRat

    ZGRat is remote access trojan written in C#.

    ratzgrat

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral3behavioral4