General

  • Target

    lava.zip

  • Size

    50.6MB

  • MD5

    22ea15e9e2b15ec209c39c67d5501544

  • SHA1

    70d651509f651741d5696ef0ff71c246e8822fc5

  • SHA256

    783c5a590d5e1577c23f3d48859faec4269c8d3b5d7535ce5113792675514204

  • SHA512

    b737a2d1eaaf8280cf9a7ba7b8de8ebe3f1b2e353af94d3582e620926a5c71d64722a0a33645014cdf0bb77136e0f487a114f2430a687204fba67d154b92198b

  • SSDEEP

    786432:AS8z/2LVMT91++JOWNQjocdwjvuO27GAvPHlIuJx0dGMtDwQRGvAaep7:ASW/2mxMDdwf2CYPKyfyR/n

Score
10/10

Malware Config

Signatures

  • AgentTesla payload 1 IoCs
  • Agenttesla family
  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.
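The "Unsigned PE" signature above is a presence check on the PE Certificate Table (data directory index 4), which exists only if a WIN_CERTIFICATE blob was appended to the file. The following is an added example, not code from the sandbox or from any file in lava.zip, showing how that check is made by hand for both PE32 (x86) and PE32+ (x64) images, which the report lists side by side; the offsets differ because the 64-bit ImageBase widens the optional header. The sample PE images it scans are constructed header-only stubs named after entries in the file list; they are not the real files and their digests bear no relation to the hashes above.

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4          # index of the Certificate Table data directory
MACHINE_NAMES = {0x14C: "x86", 0x8664: "x64", 0x1C0: "arm", 0xAA64: "arm64"}
IMAGE_FILE_DLL = 0x2000
WIN_CERT_REVISION_2_0 = 0x0200
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002


class NotAPEFile(ValueError):
    """Raised for inputs that are not a parseable PE image (the .txt and .iy files, for instance)."""


def parse_pe(data: bytes) -> dict:
    """Return arch, PE32/PE32+ flavour, DLL flag and whether a WIN_CERTIFICATE table is present.

    'signed' only means a well-formed certificate table exists; it says nothing about whether the
    signature verifies or chains to a trusted root (that needs WinVerifyTrust / signtool verify).
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise NotAPEFile("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise NotAPEFile("missing PE signature")
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    machine, _, _, _, _, opt_size, characteristics = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24
    if opt_size < 2 or opt + opt_size > len(data):
        raise NotAPEFile("truncated optional header")
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: NumberOfRvaAndSizes at 92, directories start at 96
        count_off, dirs_off = 92, 96
    elif magic == 0x20B:      # PE32+: the 8-byte ImageBase shifts both by 16
        count_off, dirs_off = 108, 112
    else:
        raise NotAPEFile(f"unknown optional header magic {magic:#x}")
    entry_off = dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    cert_off = cert_size = 0
    if count_off + 4 <= opt_size:
        ndirs = struct.unpack_from("<I", data, opt + count_off)[0]
        if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY and entry_off + 8 <= opt_size:
            # For this directory alone, VirtualAddress is a raw file offset, not an RVA.
            cert_off, cert_size = struct.unpack_from("<II", data, opt + entry_off)
    signed = False
    if cert_off and cert_size >= 8 and cert_off + cert_size <= len(data):
        length, revision, ctype = struct.unpack_from("<IHH", data, cert_off)
        signed = (length <= cert_size and revision == WIN_CERT_REVISION_2_0
                  and ctype == WIN_CERT_TYPE_PKCS_SIGNED_DATA)
    return {"arch": MACHINE_NAMES.get(machine, f"{machine:#x}"), "pe32plus": magic == 0x20B,
            "is_dll": bool(characteristics & IMAGE_FILE_DLL), "signed": signed,
            "cert_offset": cert_off, "cert_size": cert_size}


def unsigned_pes(files: dict) -> list:
    """Mimic the 'Unsigned PE' signature: names of PE files with no certificate table."""
    hits = []
    for name, blob in files.items():
        try:
            info = parse_pe(blob)
        except NotAPEFile:
            continue                      # not a PE: neither signed nor unsigned
        if not info["signed"]:
            hits.append(name)
    return hits


def build_pe(pe32plus: bool, is_dll: bool, with_cert: bool) -> bytes:
    """Construct a header-only PE stub for testing (no sections, no code). Constructed sample data."""
    machine = 0x8664 if pe32plus else 0x14C
    magic = 0x20B if pe32plus else 0x10B
    opt_size = 240 if pe32plus else 224   # standard sizes with 16 data directories
    count_off, dirs_off = (108, 112) if pe32plus else (92, 96)
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)             # e_lfanew
    chars = 0x0002 | (IMAGE_FILE_DLL if is_dll else 0)  # EXECUTABLE_IMAGE [| DLL]
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, opt_size, chars)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<I", opt, count_off, 16)          # NumberOfRvaAndSizes
    header_len = len(dos) + 4 + len(coff) + opt_size
    cert = b""
    if with_cert:
        der = b"\x30\x03\x02\x01\x00"                   # placeholder DER, not a real PKCS#7 blob
        cert = struct.pack("<IHH", 8 + len(der), WIN_CERT_REVISION_2_0,
                           WIN_CERT_TYPE_PKCS_SIGNED_DATA) + der
        cert += b"\0" * (-len(cert) % 8)                # certificate entries are 8-byte aligned
        struct.pack_into("<II", opt, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                         header_len, len(cert))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + cert


# Constructed stand-ins named after entries in the report; not the real files from lava.zip.
SAMPLES = {
    "Leave.exe": build_pe(pe32plus=False, is_dll=False, with_cert=False),
    "main.exe": build_pe(pe32plus=True, is_dll=False, with_cert=False),
    "bin/API.dll": build_pe(pe32plus=True, is_dll=True, with_cert=False),
    "Guna.UI2.dll": build_pe(pe32plus=False, is_dll=True, with_cert=True),
    "version.txt": b"1.0.0\n",
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        try:
            print(name, parse_pe(blob))
        except NotAPEFile as exc:
            print(name, "skipped:", exc)
    print("Unsigned PE IoCs:", unsigned_pes(SAMPLES))
```

Two caveats a practitioner should keep in mind when reading the "8 IoCs" count: a present certificate table is not a valid signature (the blob can be self-signed, expired, or tampered with, so verification still has to go through WinVerifyTrust, `signtool verify /pa`, or `Get-AuthenticodeSignature`), and a .NET assembly like the ones in this archive can also carry a strong-name signature that has nothing to do with Authenticode and is not covered by this check.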

Files

  • lava.zip
    .zip
  • 2024 star of the night Api.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • FastColoredTextBox.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Guna.UI2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Leave.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • Leave.exe.config
  • Leave.pdb
  • Shaakey-idfk12-09d89e6/main.exe
    .exe windows:6 windows x64 arch:x64

    8e3dad4d4ea6736338bcc4aca7b446c9


    Headers

    Imports

    Sections

  • api/CeleryIn.bin
    .dll windows:6 windows x64 arch:x64

    57127fa98e84d836ff1e07fcec0c9958


    Headers

    Imports

    Exports

    Sections

  • api/CeleryInject.exe
    .exe windows:6 windows x64 arch:x64

    a8ea59004473be8b94aa5a159ca3d95e


    Headers

    Imports

    Sections

  • bin/API.dll
    .dll windows:6 windows x64 arch:x64

    dfd11645eb4732c0409f51f0532c3683


    Headers

    Imports

    Exports

    Sections

  • main.exe
    .exe windows:6 windows x64 arch:x64

    8e3dad4d4ea6736338bcc4aca7b446c9


    Headers

    Imports

    Sections

  • version.txt
  • workspace/.tests/appendfile.txt
  • workspace/.tests/getcustomasset.txt
  • workspace/.tests/isfile.txt
  • workspace/.tests/listfiles/test_1.txt
  • workspace/.tests/listfiles/test_2.txt
  • workspace/.tests/loadfile.txt
  • workspace/.tests/readfile.txt
  • workspace/.tests/writefile
  • workspace/.tests/writefile.txt
  • workspace/IY_FE.iy