agenttesla | 85be84d2ff47de1645a610a24fd8d74fe9cce57d67c0004a7567c9057d437a8d

Sharing

Copy URL

Twitter E-mail

General

Target

WizWorm v4.rar
Size

35.5MB
Sample

240828-1mecwazbpl
MD5

f71405cf784f28bdf7dcd9b264b5dd47
SHA1

a89a9fcfce0c6730c49721ffe36a42cbc67dff69
SHA256

85be84d2ff47de1645a610a24fd8d74fe9cce57d67c0004a7567c9057d437a8d
SHA512

bed140bdf63385f4f99ef8b15ecdba7623a1a7203d094cc620bb9a26c7b50d15c64b448a6a68d22076a3763fa766ef9be442893234798c906611bcb59ded7dce
SSDEEP

786432:tXg3IFClVCp3K7P3EIKKBfUTbBBeMBcPS7UrArI1j5MmJupyFosaUUMs5:hg3LVCp+ExEUTbfeMBcPgTrKFMmJucFC

Score

10^/10

agenttesla

Malware Config

Targets

- Target
  
  WizWorm v4/Dynamitey.dll
- Size
  
  164KB
- MD5
  
  c5fa3518d32e1e5290113ac31f3bbc6d
- SHA1
  
  3a735f84575d3e19408f2c0b60a032166cea51a7
- SHA256
  
  db29f47dc1918253a36a09ff5804d14ddc81098ecf627e668ca617e3a0e2ab5e
- SHA512
  
  c1c508a014501f558df21ca9bc063eee1aa117a9c34617e76d9cc88f7d2d1a348377446c1f997fdff3564fe1e1424f113e36f309822563cfa1b471eb4b909a9d
- SSDEEP
  
  3072:RnLcuy9J8ZC/jpYZ0u+yegE1My1KnSe+Iev:pLcTJ8ZC/jp+09vG+Ie
Score

1^/10
behavioral1 behavioral2
- Target
  
  WizWorm v4/FastColoredTextBox.dll
- Size
  
  333KB
- MD5
  
  b746707265772b362c0ba18d8d630061
- SHA1
  
  4b185e5f68c00bef441adb737d0955646d4e569a
- SHA256
  
  3701b19ccdac79b880b197756a972027e2ac609ebed36753bd989367ea4ef519
- SHA512
  
  fd67f6c55940509e8060da53693cb5fbac574eb1e79d5bd8f9bbd43edbd05f68d5f73994798a0eed676d3e583e1c6cde608b54c03604b3818520fa18ad19aec8
- SSDEEP
  
  6144:4FErOIif3RzSHh+20lXs1TzCeBcQeDbNlz7:eEeR52bmeh0n
Score

1^/10
behavioral3 behavioral4
- Target
  
  WizWorm v4/Fixer.bat
- Size
  
  126B
- MD5
  
  3e41f6c12444d0c72b8c2d9be75f2efd
- SHA1
  
  64e6cd77417d3e355c36ee1d15677723c96b6695
- SHA256
  
  b13589d839dded18a4b7258c6418dbee5759665f4eb18878ce2a76bca31b7753
- SHA512
  
  b8b0975a58a2aa161b691f44d6e0e0dd99f76381e2f94f49cda1eec4b5ca6a68200b9534d0f73cdc332b9f243d051c41038231852c969b77f418b5711c9e4f99
Score

1^/10
behavioral5 behavioral6
- Target
  
  WizWorm v4/GMap.NET.Core.dll
- Size
  
  2.9MB
- MD5
  
  819352ea9e832d24fc4cebb2757a462b
- SHA1
  
  aba7e1b29bdcd0c5a307087b55c2ec0c7ca81f11
- SHA256
  
  58c755fcfc65cddea561023d736e8991f0ad69da5e1378dea59e98c5db901b86
- SHA512
  
  6a5b0e1553616ea29ec72c12072ae05bdd709468a173e8adbdfe391b072c001ecacb3dd879845f8d599c6152eca2530cdaa2c069b1f94294f778158eaaebe45a
- SSDEEP
  
  49152:ot12Gb/hz7ZsK9qY5uyUW57VC4IB1+fXhQ1hyCzMw/22fSg7gjxhUE/nbTC0xemh:oLbteKb57W1+PhQ1HM1gmJ/SZmh
Score

1^/10
behavioral7 behavioral8
- Target
  
  WizWorm v4/GMap.NET.WindowsForms.dll
- Size
  
  147KB
- MD5
  
  32a8742009ffdfd68b46fe8fd4794386
- SHA1
  
  de18190d77ae094b03d357abfa4a465058cd54e3
- SHA256
  
  741e1a8f05863856a25d101bd35bf97cba0b637f0c04ecb432c1d85a78ef1365
- SHA512
  
  22418d5e887a6022abe8a7cbb0b6917a7478d468d211eecd03a95b8fb6452fc59db5178573e25d5d449968ead26bb0b2bfbfada7043c9a7a1796baca5235a82b
- SSDEEP
  
  3072:k1GmgYqIY/0YSDBRGlDUqL63budipxj64m8HWYh3vHbFwMhLJSb+:lIO6rGloqL63qW62lJ
Score

1^/10
behavioral10 behavioral9
- Target
  
  WizWorm v4/Guna.UI2.dll
- Size
  
  1.9MB
- MD5
  
  bcc0fe2b28edd2da651388f84599059b
- SHA1
  
  44d7756708aafa08730ca9dbdc01091790940a4f
- SHA256
  
  c6264665a882e73eb2262a74fea2c29b1921a9af33180126325fb67a851310ef
- SHA512
  
  3bfc3d27c095dde988f779021d0479c8c1de80a404454813c6cae663e3fe63dc636bffa7de1094e18594c9d608fa7420a0651509544722f2a00288f0b7719cc8
- SSDEEP
  
  24576:FIVZLRYIVQd9INo3FDbWX7SsOobBTEAjg+m+ZFNwaxwGoHQ/jzK+:+oWodbi9XFEAjg+m+ZFKaxw
Score

1^/10
behavioral11 behavioral12
- Target
  
  WizWorm v4/IconExtractor.dll
- Size
  
  10KB
- MD5
  
  640d8ffa779c6dd5252a262e440c66c0
- SHA1
  
  3252d8a70a18d5d4e0cc84791d587dd12a394c2a
- SHA256
  
  440912d85d2f98bb4f508ab82847067c18e1e15be0d8ecdcff0cc19327527fc2
- SHA512
  
  e12084f87bd46010aded22be30e902c5269a6f6bc88286d3bef17c71d070b17beada0fe9e691a2b2f76202b5f9265329f6444575f89aff8551c486eafe4d5f32
- SSDEEP
  
  192:7f77J4cGYyfQknxLvIgyLY5xJeU5pPpZlEAs:HS2yINgyLYLJR5wl
Score

1^/10
behavioral13 behavioral14
- Target
  
  WizWorm v4/MetroFramework.Design.dll
- Size
  
  16KB
- MD5
  
  ab4c3529694fc8d2427434825f71b2b8
- SHA1
  
  7be378e382e43eae84f1567b3570bca9a67e7697
- SHA256
  
  0a4a96082e25767e4697033649b16c76a652e120757a2cecab8092ad0d716b65
- SHA512
  
  02d7935f68c30457da79ad7b039b22caed11d8aedfec7c96619ac6da59ceb7c5e7a758dced64ec02d31c37a2befccdc8eb59be9e2dc849aa2bc22fabb5fa00a5
- SSDEEP
  
  384:HYAB8KPALBamLG3gckiBTVU6sgFf5L7WTOYKpKG4rw:HyLBamS3gckiBTVkgiVXr
Score

1^/10
behavioral15 behavioral16
- Target
  
  WizWorm v4/MetroFramework.Fonts.dll
- Size
  
  656KB
- MD5
  
  65ef4b23060128743cef937a43b82aa3
- SHA1
  
  cc72536b84384ec8479b9734b947dce885ef5d31
- SHA256
  
  c843869aaca5135c2d47296985f35c71ca8af4431288d04d481c4e46cc93ee26
- SHA512
  
  d06690f9aac0c6500aed387f692b3305dfc0708b08fc2f27eaa44b108908ccd8267b07f8fb8608eef5c803039caeabf8f88a18b7e5b1d850f32bbb72bcd3b0b7
- SSDEEP
  
  12288:O+/9JcJlYqCNktA+SXfGpq2fHowSqCNktA+SXfvJR9FrIJJaqCNktA+SXfUC:O+/3qlrCNoh+UqgIwhCNoh+JR9FrIJJw
Score

1^/10
behavioral17 behavioral18
- Target
  
  WizWorm v4/MetroFramework.dll
- Size
  
  345KB
- MD5
  
  34ea7f7d66563f724318e322ff08f4db
- SHA1
  
  d0aa8038a92eb43def2fffbbf4114b02636117c5
- SHA256
  
  c2c12d31b4844e29de31594fc9632a372a553631de0a0a04c8af91668e37cf49
- SHA512
  
  dceb1f9435b9479f6aea9b0644ba8c46338a7f458c313822a9d9b3266d79af395b9b2797ed3217c7048db8b22955ec6fe8b0b1778077fa1de587123ad9e6b148
- SSDEEP
  
  6144:M4S7k5hdCpU4YqfkUGz6KpQQZQHDXjNCdOZgLdL5DXBK:M4S7k5hdCEQHP1Zgj
Score

1^/10
behavioral19 behavioral20
- Target
  
  WizWorm v4/NAudio.dll
- Size
  
  502KB
- MD5
  
  3b87d1363a45ce9368e9baec32c69466
- SHA1
  
  70a9f4df01d17060ec17df9528fca7026cc42935
- SHA256
  
  81b3f1dc3f1eac9762b8a292751a44b64b87d0d4c3982debfdd2621012186451
- SHA512
  
  1f07d3b041763b4bc31f6bd7b181deb8d34ff66ec666193932ffc460371adbcd4451483a99009b9b0b71f3864ed5c15c6c3b3777fabeb76f9918c726c35eb7d7
- SSDEEP
  
  6144:96/i10SZtfzWctj98vZcE0wmLlaIZs5eku2sX2hrjAzvgmXa6W9FwsT9idwktQZG:9yrSKMJR9aGs55T1X9Fwspi2tGpmS
Score

1^/10
behavioral21 behavioral22
- Target
  
  WizWorm v4/Plugins/ActiveWindows.dll
- Size
  
  14KB
- MD5
  
  bfcc4ba5a426dc0aa6f49f97af71a1b8
- SHA1
  
  b98b1937e0964c21e253a10c1fbcce999ae39e0f
- SHA256
  
  8811e461a12eda82747e3c93faa574daade6196554bd54248a39bb1dc60e3cc6
- SHA512
  
  7668689a2df44c5ee1e4336a1396ab5a3155285521aa72363464afc3ff3800badc4328ded45481566179415a9735999892883e0f53ce1ab13d771506ac1830a5
- SSDEEP
  
  384:xqIGejCx3hvND6PEfcodT8Ft0Y7XZ3T6D4r:xqIGeAlDzztYZ3T6D6
Score

1^/10
behavioral23 behavioral24
- Target
  
  WizWorm v4/Plugins/All-In-One.dll
- Size
  
  4.8MB
- MD5
  
  ad93ac5d3be73f2299794b3bf2d4be05
- SHA1
  
  0389d363ff17b97b0b08d76754ff8158b4acf894
- SHA256
  
  3d0ab05ed810a90ebfc5e1c27515ac1ecbdd97740d98f6de9ec022e7e5d25962
- SHA512
  
  db2b2fd580d858807d18ad600c8a9cecf3143cfc5f9f1fe3ff6610fc0e3aff73ca32dde69df54a3b93e15c8c0780065e95ca9898e25c40cb40a901937ba25c76
- SSDEEP
  
  98304:Nl19F9QORkChiDC9OtH7c2iwGxIvPBOw0JefVfQ2a5cFd4KssODtd1:99FPRkC8C9OH7c2ilInz0kfVo26Wsd
Score

1^/10
behavioral25 behavioral26
- Target
  
  WizWorm v4/Plugins/Chat.dll
- Size
  
  18KB
- MD5
  
  89e9eb5b232895fb03b1f2aa39f18866
- SHA1
  
  557827301e3dacbaac0be81b81e86c245b3b7a02
- SHA256
  
  7b1ddba264ad369b0ed418a3ab7d237f1595263937adbe94a573884bd7092676
- SHA512
  
  db9b5269a80a1cce1f1f304347527399159cd056aafa956119abc4fad0f3e6823229a31a33c258130613a1ac7986d3c15174bb79b10792ad6d88f4740429a3fa
- SSDEEP
  
  384:tUeLD8aDbXCtSewu51smLUAJb//crwTKvt0GIKoI2fiUWufp:kkbCtSewq2mLlJ4r0HI2fiXi
Score

1^/10
behavioral27 behavioral28
- Target
  
  WizWorm v4/Plugins/Clipboard.dll
- Size
  
  14KB
- MD5
  
  18b18457b835976d61e7bba55cef138a
- SHA1
  
  e59e25b7bb4c2ef22dca16e20e8f59958335a063
- SHA256
  
  9f4f3fc3a53df95f36f4597c2d381db39f0f1bc9a16094cc2a2dff3b9e0c393c
- SHA512
  
  395e9e9de6e456b1735f2b274288995d9cac910f7f74d63ca655d85acf518da5f4136897adc636c85c7a950f6e1de190cfb1237e05cee3d0dcc9a72312529a8d
- SSDEEP
  
  192:zXyVpJlyIx36qxCbYAlOE+J+e66iASPWPOFXgNTen1i9iY6IW1mX/60/bAqEM7R/:eVpl+wMdAAGUSTe1oi2X/6jMT4U
Score

1^/10
behavioral29 behavioral30
- Target
  
  WizWorm v4/Plugins/FileManager.dll
- Size
  
  27KB
- MD5
  
  619c100475392748cf9e432e0bf50853
- SHA1
  
  aaf0054d0451b6ebe0ebadc0169f9f3bce76d1ba
- SHA256
  
  ce0566fb91afd33130854ca33931a9bfded58fddbfb349374ba3beda1a464f64
- SHA512
  
  578b60c68114b1f72d2926f3ef789dce00f90fae99ef9d6e5ed34d3bd9bf5a5779b2600c76aad80d0f1fa3684c05fe4a8fbdca2045f29e201fff74278375a3b2
- SSDEEP
  
  384:PJEyxW7xwE/qS106519SVzajDL9jz7Owkxqb8cl/hsutzgk/b7oBrk6CHvIsC67G:jxW7xwIL9SQdzNbHV32mXC6C
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32