Overview

overview

10

Static

static

10

AxInterop.WMPLib.dll

windows10-2004-x64

1

Dynamitey.dll

windows10-2004-x64

1

GeoIPCitys.dll

windows10-2004-x64

1

Guna.UI2.dll

windows10-2004-x64

1

Interop.WMPLib.dll

windows10-2004-x64

1

NAudio.dll

windows10-2004-x64

1

Newtonsoft.Json.dll

windows10-2004-x64

1

Oxyco Rat ...��.exe

windows10-2004-x64

10

System.IO....le.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    OxycoRat.zip

  • Size

    128.7MB

  • MD5

    12b56e6bcabd01a956035c581a4483c9

  • SHA1

    cebd39acb7aa418717f6aa3c9f82ff214c9e535b

  • SHA256

    42e2abe0db24e083cad593a5f11758972c9e50909f371574614086ce419e4590

  • SHA512

    f06caf6f2c1cb522f0f1df2da492e3e6114bb6b0234c23eef9be7856384b3253ae13f46cabb0500f3ee7e10462a9aab61a8eda1060cd33bab46e25264a587e6e

  • SSDEEP

    3145728:VwKL/f/OreQ1DWjGB2EcH9tya6k//n3PNv+tNOKMPU:Vrf/OyQ1DWj04tXViNOTPU

Score
10/10
agenttesla

Malware Config

Signatures

  • AgentTesla payload 1 IoCs
  • Agenttesla family
    agenttesla
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

Files

  • OxycoRat.zip
    .zip
  • AxInterop.WMPLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Dynamitey.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • GeoIPCitys.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Guna.UI2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Interop.WMPLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • NAudio.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Newtonsoft.Json.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Oxyco Rat V3‌‌.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • System.IO.Compression.ZipFile.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections