General
Target: g.zip
Size: 4.9MB
Sample: 240618-trnzjs1cjg
MD5: da1ba16280582079ea62bb5eda7c4d30
SHA1: 59bd803c98eb75f427155c04ce2b1126efaa1fa5
SHA256: 205b02e34109d65cea7134d31bf1eda399f2ca966749ce6f966d3c4a168361f8
SHA512: bfde114fa2c4814a760f5f52e0169865f43d5cd12caedb58e6d16f95529c0abb7c73b208653c8c56afb311b851d5521f727c38d68c9913afcaf2b716b527cb6b
SSDEEP: 98304:rzrDdgrZA9J8tEOTHI5o4l9+OJUVEp0DkKOFqDV0b8rutTF1jbLLkT:VuZiJ8+O8m0+1EokLFD8rutTFBkT

Behavioral task: behavioral1
Sample: Guna.UI2.dll
Resource: win7-20240611-en

Behavioral task: behavioral2
Sample: Guna.UI2.dll
Resource: win10v2004-20240508-en

Behavioral task: behavioral3
Sample: Memory.dll
Resource: win7-20240508-en

Behavioral task: behavioral4
Sample: Memory.dll
Resource: win10v2004-20240508-en

Behavioral task: behavioral5
Sample: reach.exe
Resource: win7-20240221-en

Behavioral task: behavioral6
Sample: reach.exe
Resource: win10v2004-20240611-en

Malware Config
Targets

Target: Guna.UI2.dll
Size: 2.1MB
MD5: c19e9e6a4bc1b668d19505a0437e7f7e
SHA1: 73be712aef4baa6e9dabfc237b5c039f62a847fa
SHA256: 9ac8b65e5c13292a8e564187c1e7446adc4230228b669383bd7b07035ab99a82
SHA512: b6cd0af436459f35a97db2d928120c53d3691533b01e4f0e8b382f2bd81d9a9a2c57e5e2aa6ade9d6a1746d5c4b2ef6c88d3a0cf519424b34445d0d30aab61de
SSDEEP: 49152:6QNztBO2+VN7N3HtnPhx70ZO4+CPXOn5PThDH2TBeHjvjiBckYf+Yh/FJ3:6Ahck2z
Score: 1/10

Target: Memory.dll
Size: 46KB
MD5: e12cf8fb6ac64e777885450169204c59
SHA1: 39ec1ca65121ca182394c9357223d51ac8ee5031
SHA256: 71179d4c0067842dbbcacb3344363d2f2c2e423c1bc25fb48a1ad77bd6099785
SHA512: 22da4a8ddca02fbbb6f3e3b1c33b5d0b1c017d591c11a72805ebbea928e83fb0805b0b5f6fe4e1480175c66ecbd54926d93095f801fb8ac4d159e5cbfe2e7b26
SSDEEP: 768:CMVw0nXsIWTqTkbICch0tOEI32BnoLUZaHYyRSAaaZL4MKHiE+2xSQFaFuBbOPcH:BVjXsIWTqTsIQtOEI3tHL41CE+FKbO9E
Score: 1/10

Target: reach.exe
Size: 4.1MB
MD5: c8cbc57915836322fd79b73f5cdd0047
SHA1: ab2c9a392af16dde09c032b05ad19ca7c2170434
SHA256: 91a7ca4f9b9361e8eb01f2c52eeb67a36233cb7ccd481214472ed9065f247c52
SHA512: a72619e18e262aba281ba70edc97a038bbbcf7ef0530cf66b85432baba0f1da71edb3ccaf014775c8faea702edf86e28c3fa84ddb22f9a09c08c1b59220dd3ff
SSDEEP: 98304:MY/Hu/2WllEKvUVoLu98EoHqDhmt8jgRVVjlvvv0p:MYGuUEToq8DHf8jgRVVt0p
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla payload