General

  • Target

    SploitXE_BEta.rar

  • Size

    3.3MB

  • MD5

    68f23738f5bf5e2612eb02d5e1526b8a

  • SHA1

    f59898686617dab7a596f5c452e4a38d90b90449

  • SHA256

    e9c4cdb578c440ae2f25590d9ad7b155ae309d4f0cdc67c1f9528e070b30fac9

  • SHA512

    3897abe5798c11bbe8ca45c59c1a73d055313bc41b42ef7feba9a504f01d7fa155d4a7b26193c51cbb1ccc245305ad71f7c900dbee15316261d09f997119bcb2

  • SSDEEP

    98304:oEc3CcFLpIlSZfA9l0N4MRpJ7BwsE60b81jvO:+lVugOlCRpJ7BwsEGZm

Score
10/10

Malware Config

Signatures

  • AgentTesla payload (1 IoC)
  • AgentTesla family
  • Unsigned PE (8 IoCs)

    Checks for missing Authenticode signature.

  • NSIS installer (2 IoCs)

Files

  • SploitXE_BEta.rar
    .rar
  • SploitXE BEta/Guna.UI2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

  • SploitXE BEta/SploitXE.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • SploitXE BEta/SploitXE.exe.config
  • SploitXE BEta/SploitXE.pdb
  • SploitXE BEta/rbxfpsunlocker.exe
    .exe windows:6 windows x64 arch:x64

    b67b812388a1094acd5db594749b4971


  • SploitXE BEta/setup.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Code Sign

  • $PLUGINSDIR/AdvSplash.dll
    .dll windows:4 windows x86 arch:x86

    741b6bafe355b63a372d737b30543a95


  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    a648aeaa164b592c1e8892a10400b5ae


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


  • $SYSDIR/frapsv64.dll
    .dll windows:6 windows x64 arch:x64

    cef4b21c53f78138c51f40a3490d2038


  • $SYSDIR/frapsvid.dll
    .dll windows:6 windows x86 arch:x86

    8bd657e3a2aec874ff7b8761afab1713


  • $TEMP/beepa.bmp
  • HELP/help_fps.htm
    .html
  • HELP/help_general.htm
    .html
  • HELP/help_movies.htm
    .html
  • HELP/help_screenshots.htm
    .html
  • README.HTM
    .html
  • changes.txt
  • fraps.exe
    .exe windows:5 windows x86 arch:x86

    2eabe9054cad5152567f0699947a2c5b


    Code Sign

  • fraps32.dll
    .dll windows:6 windows x86 arch:x86

    901cf2a321aa7eb39bd863e73e1f8add


    Code Sign

  • fraps64.dat
    .exe windows:5 windows x64 arch:x64

    ad82390a62dede519dea4dbfc7b3c581


    Code Sign

  • fraps64.dll
    .dll windows:6 windows x64 arch:x64

    1e6a56d4f5105ead332a252c267b6f0e


    Code Sign

  • frapslcd.dll
    .dll windows:6 windows x86 arch:x86

    95039ae47858a565b3441bc31de120b0


  • uninstall.exe.nsis