General

  • Target

    c602ee0dd72eb65564d1a0978d9ed1e77f6f8fb45053886d136ea38722dc16a2.z

  • Size

    17.9MB

  • Sample

    240917-byh3rsyhjf

  • MD5

    57934887a47169c34988c5f080ab33c6

  • SHA1

    6c7eda81f9ea8f4cf7f7b6ba2d6a84ff45dd254d

  • SHA256

    c602ee0dd72eb65564d1a0978d9ed1e77f6f8fb45053886d136ea38722dc16a2

  • SHA512

    1d51b0c016710b0728683b11e4fe88639155f538868152e11100826824c8e8c0789c4df6f4b6e5abbe63a0654ebc67386640bab9f9a1e9514197efdb84d24028

  • SSDEEP

    393216:aEeDql5/ir/9FIcyGgDdrTiGH7btMps/m8oG5/MvZ/ZCqwd:CDqjlhPtTVHvtWs/LoG5/MvBnq

Malware Config

Extracted

Family

agenttesla

Credentials

Targets

    • Target

      SOA INVOICE/A SOA INVOICE.exe

    • Size

      24KB

    • MD5

      dbf001709c85cb1040c86b56dd29e02a

    • SHA1

      8d1c67f18756fc93af61c45a7ccdd88554590c4f

    • SHA256

      5c5ce4bf348150622adb9f71ed42879c4a5ebf99c94c2be940141d28f2c8275d

    • SHA512

      7e59d49be1d670a3b74af5a4340c7d3f041f3a690fbf9d3f35ee9111ae5e6dc56b2486dd8e044f2c88c7d439a35821fa75164e74c7d7456c3e70b78420dc409e

    • SSDEEP

      384:ek4cgxl1oqO3ZKFy3N5AOtFP27xWkVbgWUlIx4c1WuoNDwXw0FP27NBY3Yuv+NA:ySq9FCN5vKxnVbgvqxN1z6chK/Y/+NA

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in Visual Basic.

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      SOA INVOICE/api-ms-win-core-console-l1-1-0.dll

    • Size

      30KB

    • MD5

      06943baf306f9adba37364a413259bcf

    • SHA1

      f940208ed0ace4c5c83d252c7c37305d25b0d6fb

    • SHA256

      b9b07b123e00019cdd15a4a1136395f0465f7216327a0630f7de462c817d8579

    • SHA512

      162ba80ac8cae94c80b888e1861e875c0a36500547f658cbb320fe3aa36d0a4f799ab7e62e5640f6b4c39e9c13df90956d4ce7c5f79c14f9e6a501661dcc8871

    • SSDEEP

      384:6WlhWKyAA0GftpBjGbg6U5lgnf2FP27xWkVbgWUlIx4cJWsKGjR0FP27NBY3Yuvy:ZpiegyiKxnVbgvqxNJzyK/Y/+Z

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-datetime-l1-1-0.dll

    • Size

      29KB

    • MD5

      4c4f2761a8fc3ab852c6dc39f95830f3

    • SHA1

      d74b0820479498f4fb59c39d553ccf4c53f8e5bc

    • SHA256

      6f667d3b0e2b7c2f7a5e10a8fa595e8cfee2c23f5b23df6e3ea90a8ad52c080a

    • SHA512

      4ad57f5ed771d909b4cb5fa8cf7062fbb8c4b0c0733845171f89db063fa667fc9b6de082c08067a2a918bc86610e960f253f81243758dac8f0952345c1f6be9e

    • SSDEEP

      384:dWlhW+QpbMA0GftpBjtpg6llfgpSQiFP27xWkVbgWUlIx4clWwGA20FP27NBY3Yg:ktjiJg3+KxnVbgvqxNlzK/Y/+3Vy

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-debug-l1-1-0.dll

    • Size

      29KB

    • MD5

      c805538913d4ceab6c6f3c965d5bc0e3

    • SHA1

      f77f837e1591c9ada8a4035eebd6ecdbc106874a

    • SHA256

      a421616ea167fe11bef6f5c0bb0dd66c359f6bf480b1ed15847ab73275e045b2

    • SHA512

      7e5509ce98afca08c68272ba40822e049e9ad35538fc653c387c943e7e020d80f631169ec0443f9781d17de6163e57e715f7f483ad3ab3dc98da890483c3f582

    • SSDEEP

      384:r8+WlhWlQpbMA0GftpBjZjig6S6+6lgn1NjFP27xWkVbgWUlIx4chWo4p40FP27x:M2ji/GgSEThKxnVbgvqxNhCpZK/Y/+z

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-errorhandling-l1-1-0.dll

    • Size

      30KB

    • MD5

      6ffa981d66d7b82584189cd3e0d5d099

    • SHA1

      6fa1989b9443345208f841b5aeb06e4cf4b96211

    • SHA256

      dc08e3b8637dbd6bc6c855c65edbf3795b701fe701fa12719c131911c8e01b8e

    • SHA512

      b663581efe33ff7e8f8129fef727e6c6bb94d2463b36b2571c8a06d38c3cd97c41650343a0290320b9884b62b56e6f0e80184c6d0555b3a782a0761709be770f

    • SSDEEP

      768:QiiViO1/tgY1ywIKxnVbgvqxNxtE4K/Y/+S:QiiVfx+YbIKxnKvKNxtE4K/I

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-file-l1-1-0.dll

    • Size

      33KB

    • MD5

      01525de85235c24a694d8aaf75e023ce

    • SHA1

      ff5c13309ef80d5cae666130391a8babe5bbc791

    • SHA256

      4bc7aa817a478ba96c27979799836bb0a546f9de06d1a895b69d54d53d440b77

    • SHA512

      801efc09d84b74b9905df4c2232826bce28a2e6b963d25f3569291a70513397096df1a40906992f513901a5995855dab718bdc80b9a079be6df0150c98627ddd

    • SSDEEP

      768:VPvVXSfiTyNg9RaKxnVbgvqxNVdK/Y/+1g:7SfuyePaKxnKvKNVdK/Y

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-file-l1-2-0.dll

    • Size

      30KB

    • MD5

      bc7899abefccc19f73fa62bf6c4b61db

    • SHA1

      8446db73f5092a35e471741e53c02abff5b3e335

    • SHA256

      4b58f2b8fefbc21bbf8701369c407a033126fa07969a130412aeae337c91ff3f

    • SHA512

      b838a0e1100f5b6d2b80cf4405dacafb85991ad25ad8cd10e4b7a805a8c88c59665653f774b6f8842d3891de2d0ed413e6238dffd07e55a9250eaaeb26a7a9fb

    • SSDEEP

      384:peWlhWzyAA0GftpBjDCg6wl3HMfFP27xWkVbgWUlIx4cVWIoo/0FP27NBY3Yuv+i:pl2iVCg9aKxnVbgvqxNV6K/Y/+OiC

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-file-l2-1-0.dll

    • Size

      30KB

    • MD5

      f43088e17cc5484da8ce03337ef9b7f8

    • SHA1

      b18c3672e8034069d2e338397b620ca0df07d898

    • SHA256

      1ca42474e533bf5045f52be8fdb9b91a1e80c30e06f7c8e52e7a8a20e1af067a

    • SHA512

      7c04937e2c109620ac7f185dc212dd5393ec4a6a4e18e38fd6dff5e9b859ef775bda20b3575519343e67dd475533bfb604fde260e292642a78e8acc3efc7b6b8

    • SSDEEP

      384:hyWlhWIyAA0GftpBj0g6+l2wwi8msmFP27xWkVbgWUlIx4cVWhgdP5knq0FP27Nc:7niqgiwBKxnVbgvqxNVBuK/Y/+5u

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-handle-l1-1-0.dll

    • Size

      30KB

    • MD5

      cf690fe7ff4fa8ccb3339359508e3ef3

    • SHA1

      814d369d4cde811ec6bd21e6a067a7b75660cd87

    • SHA256

      69ef715cff6349e9f86b3c739f8b010a423c0d37626d03bea6e391a8c08e0bc3

    • SHA512

      ab85e6ec4e9f408846b84809ef735d50857e7c473c299800748cf1a1fa94135c0eda39d56c274ae476b5699a5164c2092754934a071ef3e891491e5deee74410

    • SSDEEP

      384:UWlhWg9MIA0GftpBjyNg6ml9TCETiBaUFP27xWkVbgWUlIx4c9WOA0FP27NBY3Y2:XFKqiINgzLibKxnVbgvqxN91K/Y/+uR

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-heap-l1-1-0.dll

    • Size

      30KB

    • MD5

      3796644e4f4fe607fac0ff8574d2b3e0

    • SHA1

      d8f0f8069015bab200b8beb4fb7f9f5e2427cd96

    • SHA256

      d165498140d974cce1d91142eab2097fca36adc7124fc01eae87cefd1c79ecc8

    • SHA512

      2ff4c1c15500f4054696594a14eae1c836d661c1685cd42feb8ef26184fa697b13d11f2c48090a89bedbae4d46a64edb92a504b57e1db8763975d05b51b647a7

    • SSDEEP

      384:llGWlhWkyAA0GftpBjibPg6g6ClkonHaI2FP27xWkVbgWUlIx4cVWjcco0FP27N+:tTiQjg2o69KxnVbgvqxNViK/Y/+Wn

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-interlocked-l1-1-0.dll

    • Size

      30KB

    • MD5

      3d19db303b8d416198ad7faf986efccf

    • SHA1

      93e99ab20d3d26cdb48eef07ca01cb0ab8841703

    • SHA256

      79ab7b453672bc8bc5ed0c5e1676a425765bf6c44954998f668db9bf1a038a7c

    • SHA512

      dba45c08c7927617920a17a6cb3ae12dbac8391673868f5233bac1dfcb55ea8ce7523ab0e5f6c85e342b26583f8ab92609ea4ccea04456996e10a9874c1989aa

    • SSDEEP

      768:F7iB6gjIlNSLEKxnVbgvqxNp2euK/Y/+Mt:F7EtjIlsoKxnKvKNp2euK/i

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-libraryloader-l1-1-0.dll

    • Size

      30KB

    • MD5

      ba599d4f5548e87af16ef3437e91350c

    • SHA1

      c109e88cb4f202fd4ed4e1f077b91bb4a046b020

    • SHA256

      497e1dcfa6cabaedb0572e2d8c813bbfce42dbef2f10476ea22d41628d6b11eb

    • SHA512

      e56cfecdc009105091ed0d6ad92ee96e026761d588117e7aacbd04c2c6fd8a62c46513f2837e4542a095d4233e280735e4ec0aa279ca0dcd146d0ec770c90638

    • SSDEEP

      768:hBL3B3yqi4b+hqgMrKxnVbgvqxNBNK/Y/+qQ:p3yqn4MrKxnKvKNBNK/sQ

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-localization-l1-2-0.dll

    • Size

      32KB

    • MD5

      0ec6f1990f77c6fefbedf5ca28ba68f0

    • SHA1

      c6756bf41e66a70aedc40d12f4e2edf88abfb7dd

    • SHA256

      4becd155fc548ba385772c330d9d4d91f7a6cf63a9940c2821e0a347fe3d4bb8

    • SHA512

      1d637f30021832d09de9860e12e3dbe99fc30c745fef21f6ad3d5a8e5dce1d2a5e92ce60154bfd5e31d58bfb265b32c43a17f5e052497bb08acdda64db4eb256

    • SSDEEP

      768:AAuOMwBprwjGjue9/0jCRrndbMkviUb+gP7KxnVbgvqxN1h/QILK/Y/+G:AAuOMwBprwjGjue9/0jCVdwSvlP7Kxnh

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-memory-l1-1-0.dll

    • Size

      30KB

    • MD5

      e4b553e5735778e750c12eaa51561597

    • SHA1

      1ce587fdaccb4d83743ec1bfe0605e176741b777

    • SHA256

      31f715125bd69aba1f3311114dc6e3e8169e1422bc733730a82f6be8a003d3f0

    • SHA512

      0e4bdb6208a229922597088bde510a47a6e3a14d743da039e9095e05ff4dae37347e099fbe3b4e79bc662ae12abdef4375746fa84d41a8d8a527597331fc0d55

    • SSDEEP

      384:qkWlhWIMIA0GftpBjC9Pg6rEl3H8NgFP27xWkVbgWUlIx4c9W8dS0FP27NBY3YuY:S2qiEPgkqxKxnVbgvqxN9PK/Y/+7

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-namedpipe-l1-1-0.dll

    • Size

      30KB

    • MD5

      bb77d1296c9d28d15f863072497295b9

    • SHA1

      de8b854fbfe593c5af72be63d464c386796a8683

    • SHA256

      2f3f73cdb79acc1cebc63e3f41ba4724e7bcef6d37a63b5f470535ad2ff0cfd1

    • SHA512

      4556b0affc02a9b40525d2e45b2937793eb9362db3c9e27c380e0185d9e438149e395de70a222697f5fe6408802c480a4656950c4eeb34e86f7d5affe0ee06dd

    • SSDEEP

      768:Gyji0u7gfFofKxnVbgvqxNBE4hK/Y/+kIZZ:GyHDfFofKxnKvKNBEMK/2IZZ

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-processenvironment-l1-1-0.dll

    • Size

      31KB

    • MD5

      05619f93046cecb8c54ea24680fd031a

    • SHA1

      8c65e0c1f352fc7e4dd83243fb5920abaefcbbbb

    • SHA256

      57c7a2e8707b4e9b94a04b83d2d562388e424dbe5136e8ceb9a78b42b666bf02

    • SHA512

      837593be94d0f670ca35759091c5726f1669becc15170318ed7814da94b57ff540d4677b05d9398be72485f86a88c665e1b54fc54ad984cd8a00ee83f6fa1d28

    • SSDEEP

      384:tAWlhW3aCIcPA0GftpBjbzg6owl3HUn1FP27xWkVbgWUlIx4c1WqDlo0FP27NBYZ:lUiRgkuKxnVbgvqxN1tK/Y/+s

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-processthreads-l1-1-0.dll

    • Size

      32KB

    • MD5

      f7b419d3ccff58420c80a2a7afeb86ed

    • SHA1

      884e8ea7791a363ca30a032d610fd6c957905a8e

    • SHA256

      365dbb97e68ad5e843504892a54a71fcfa2c305ea4f633b0468794bfa5097aee

    • SHA512

      3b3032b85794ab0fe84cd51b65d8ff5df9ea0d38b5ab36da22c5b7244c65bd592f58a411c0b457f5de7016716c35146f5d1b35396b918ebd760cd1da3a63c463

    • SSDEEP

      768:pcKSU4iNgzz4rF9eKxnVbgvqxNlvOK/Y/+P1:L4Vzz4ruKxnKvKNlvOK/p1

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-processthreads-l1-1-1.dll

    • Size

      30KB

    • MD5

      33660336de27d173f4c6e210490b6809

    • SHA1

      e70e39704120861c8f0e7b68da0c813417289464

    • SHA256

      cdf883aeaa5c2073d70d1bb5045127a5632848f2f5d156e871b4dfd188a64902

    • SHA512

      88a0082058f51022b1b255b51bf2876697ff97437058151e87806caa1bdd1cfedc17036140734f89dee7c62541527eba774ff6c2a5bbca2c7a81ef4d8bc60ea9

    • SSDEEP

      384:u2DfIeDWlhWX8fEgA0GftpBj7g62lgnDn4FP27xWkVbgWUlIx4clW+kxcdT0FP2x:aeGRvi5gIIKxnVbgvqxNlAcKK/Y/+Hf

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-profile-l1-1-0.dll

    • Size

      29KB

    • MD5

      434e09f02e2457b1d2b0e6f6ecccd0c9

    • SHA1

      b4d1b166e530927f107c0b1fb2d178b2c60f962f

    • SHA256

      170296f40c2726ba70da583624b5028ab7a790995858a74dc9a08b7cb87faa4e

    • SHA512

      d13839003400071b5ae5dbee326bc05cab53c9a6987a4c468aa089dfa32d1360b57b71ac18362adf7102fb26dc5231e7d1011037ac90a5d95949aa34c19c63d4

    • SSDEEP

      384:NWlhWJyAA0GftpBjqg6jlpfm9Bq0FP27xWkVbgWUlIx4cJW9RQ3Q0FP27NBY3Yut:U8i0gMWKxnVbgvqxNJSQhK/Y/+SQS

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-rtlsupport-l1-1-0.dll

    • Size

      30KB

    • MD5

      d6d9674141a49610640d0e649f6958ec

    • SHA1

      ed786d0cfe17a847df7143b351747144ad97c438

    • SHA256

      f155dcb9449be6aee30474e54af5a1c719e3cc916dfd11441da3eab0774a3327

    • SHA512

      08139e712c686394f7eab0b842af744140bb56fc8b21d2ae1a8188660bacab4271c77d470554e4b5431292e0704bb77bb6d8189c0000c3ccafbca9c87a0730f1

    • SSDEEP

      768:bGeV50viNCkgsLOKxnVbgvqxN9OKK/Y/+p0w:zC7sSKxnKvKN9OKK/J

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-string-l1-1-0.dll

    • Size

      30KB

    • MD5

      a77d77c6d869de52ec0e8bc0aa55b64d

    • SHA1

      85862d684ec789a4bed4469573bcadbeecc62ca0

    • SHA256

      696cf553062aa00449ebd05cc2686876f023f764404f9db3c702ff0e72026b31

    • SHA512

      315fa1a29dfe4a80a399842eecfd878ece0985cb30fc017f7511644528807cb3de3d92aa6626660ca4baf9400606f830a940fee8f889120cf0d604d61a2c5023

    • SSDEEP

      384:KyMvhWlhWoaCIcPA0GftpBjwbg63hilpfm9zJIDFP27xWkVbgWUlIx4clWygv0FU:KyMvwzieguGZKxnVbgvqxNlXK/Y/+2c

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-synch-l1-1-0.dll

    • Size

      32KB

    • MD5

      d97c861ba58ddea690a02aa8d0b16cd8

    • SHA1

      e8ba4c8f0f12ba3cbc2234f47cf1dbec5b2ea91a

    • SHA256

      d549ae91964c01e3e13d1b3c5f2c1954a3e7957564f33a3cca2eeb19ce4f7697

    • SHA512

      8bb13a1ec5f45ecc25ae38ccced6b253f94e8a08ebb9f100e68e107139e42f8198f4a81d504528ed610148a2ec8ac9de7e9b7425c35bbdd890b6c97febf7203b

    • SSDEEP

      768:ydv3VqpkXc0vVaFRMiz4gNHsKxnVbgvqxNhRK/Y/+f:ydv3VqpkXc0vVaFRMoNHsKxnKvKNhRKB

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-synch-l1-2-0.dll

    • Size

      30KB

    • MD5

      d722f9cdbd1b6ed76a25b760a0e9fc7b

    • SHA1

      ab52b10c34c68ab65bd578703e43073d9ca443c3

    • SHA256

      1db1f5308fa690710b758a63043b4005b28722d4a29b8000e52a981cfa5de4c2

    • SHA512

      b3c1133ac22bfb0ae3f6a0bb2f62839e8da198a0c58ce9ee8ba574b9eb1969400260aa62eb3aad87ef5af5a756375ad5e274a056ec733c311b6e907b27618267

    • SSDEEP

      384:ftZ3KWlhWHJA0GftpBjssn1g6glCED10+GFP27xWkVbgWUlIx4cxW+iMkV0FP27b:d6iGk1ggEDkKxnVbgvqxNxCMFK/Y/+Ll

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-sysinfo-l1-1-0.dll

    • Size

      31KB

    • MD5

      b8be774ac2d546e782e5a85567160f0b

    • SHA1

      d355961949e549f223982089506af7c7a95e5934

    • SHA256

      ccb81a6641c421deaa8ab5d7359abfdebd813f43c78af437ce75cb8d38adfb53

    • SHA512

      4994ad0d0f9d3a8870c21e6be7b8d7cebf07a48277691f02b1ec8a62e02290357540ace37b6c115b0e8e12176c2af620ebc75c7d7e799f50df0d2b64037ae83c

    • SSDEEP

      768:Cz8u7isfgPpNzKxnVbgvqxNJ9FAK/Y/+q:O8u78RFKxnKvKNJ9FAK/4

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-timezone-l1-1-0.dll

    • Size

      30KB

    • MD5

      0c21ab79c61f59544c90a3abe1a2a40c

    • SHA1

      4bd8b9c2b820fe846b2ed2b796908179d067ebcc

    • SHA256

      f283de535eb99048f1418804996df1a27f289f1c03b21d01c519295e0d6bdad9

    • SHA512

      1a262a5c3b9e0d0657a3df93e49aa0cf61572a2366fed0a0fb7ffba628af5ec9d7f39f2173c940fbf205c7dd79de6c782127a245ad0744dc4bcb9e364fb99194

    • SSDEEP

      384:XWlhWTiyAA0GftpBjqI7g62l2wwik6RFP27xWkVbgWUlIx4ctWFOV0FP27NBY3Yf:C9izgiwBKxnVbgvqxNtsK/Y/+f

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-core-util-l1-1-0.dll

    • Size

      30KB

    • MD5

      f3d3fed7fdc3dbc8567fb7a21be413a2

    • SHA1

      addaf3da114ef95ae803ad58e001ab80e7d29f55

    • SHA256

      999da311e69d8343c3bd2324fb43f7e45542aacc53cfc3d3c8f3ebbdc9a0b722

    • SHA512

      7940bfc89c67f24d3c80374ad2a32ba015679ef4c69d64602deab45dfd53d16a16e5e1e66651288623bfe7752297cace8c6fe55a8e32d45b42066398f0ffe7e2

    • SSDEEP

      384:jgWlhWeQpbMA0GftpBjB7g6gYlgHrgx//FP27xWkVbgWUlIx4cdvWbqMp0FP27Nd:j7xjib7g/9rQKxnVbgvqxNdvyKK/Y/+V

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-crt-conio-l1-1-0.dll

    • Size

      31KB

    • MD5

      f99ffb0ab41910353a9edc24bff95a3b

    • SHA1

      175c7370903647e1b5b300be46537d048e9f6216

    • SHA256

      207c3a862f9fe5a94731a46cdceb42e75daf8f8025cf1504815b5ca62fed01b6

    • SHA512

      b8ec97b37d333f9eef4854ce647667009fd3e1fc5d9d2297a6f75fd7894999fcf2acc6b1907a43b5ca798839a5d35d445d650044c15314774dc687afcb11886e

    • SSDEEP

      384:bWlhWgUoaCIcPA0GftpBjbg6JlCED10/lFP27xWkVbgWUlIx4cdvWIbo/0FP27NK:uFU8iJgfED4KxnVbgvqxNdvRK/Y/+A/

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-crt-convert-l1-1-0.dll

    • Size

      34KB

    • MD5

      060963ec63d98eaf3acdc61e789b757c

    • SHA1

      f3ba0b2f1ce59afd0e2e0f9515736c9890d9889d

    • SHA256

      47739e8272b1b633984f2830a8bf200ddd73b26fbfc1694c43ff922b55f54189

    • SHA512

      7b3590e1445cea7c200c0267d26616b677de526f3796420e241c4c4dd8078a3315566b119df10c784a7958546e17d4d9d77bb244bfa2e595e88a58c9aa2c7287

    • SSDEEP

      384:fcJ2y3WlhWQy3iA0GftpBjxOhg6IlCED10lMNFP27xWkVbgWUlIx4c9Wpmu0FP2C:fDEMiehg8EDZKxnVbgvqxN9LK/Y/+BW

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-crt-environment-l1-1-0.dll

    • Size

      30KB

    • MD5

      2965c12277fcb719d97203232f1e39ac

    • SHA1

      3d320fd6d983a4f62c718fdd3477c681168486d9

    • SHA256

      a1651712774d01c909689a85b5b7a69da91db33ef133f8ac75ef19227b4b5969

    • SHA512

      40315dbb91fd4deb7938ccd54994e9d60a10bdd693f37e3e7f3be1e2feb77c9424c0cf3a66c2b9461a9bbe13ce6755886c235b80afbe0917df8b22e89aba13f9

    • SSDEEP

      384:yvWlhWHyAA0GftpBjhg6El2wwioNOzFP27xWkVbgWUlIx4cVW7NrqRR0FP27NBYo:jKi7gIwGQKxnVbgvqxNVIfK/Y/+V

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-crt-filesystem-l1-1-0.dll

    • Size

      32KB

    • MD5

      a0a7fe0a84a0409864c8e3ce8dab91c4

    • SHA1

      60601052da95eaf6252569c7ca22dafc93b26d83

    • SHA256

      55861a838331aaf2f8f77317021ce73e4b71132ca061b623f5b8c28367ddc357

    • SHA512

      2a3e5d672ed7d6c016d935098402fa4311b04a5d6b82debf2c957b9b102ed8add6e495d4581f12f77abd3194bb047bffb149b0a0fc286f916f75e0e8b76afb2c

    • SSDEEP

      768:+TnWm5CyIMiS911Kgb9uKxnVbgvqxNB61K/Y/+0:yLIMp9lb4KxnKvKNB61K/u

    Score
    1/10
    • Target

      SOA INVOICE/api-ms-win-crt-heap-l1-1-0.dll

    • Size

      30KB

    • MD5

      d6f029bff29f487e497d278389efb240

    • SHA1

      6a7b87b6c16fa81147572366ddca951c9b27ace7

    • SHA256

      e06e375102970b78c448b131a01047e6876da4547aa9b649b8f4cc23d9656de8

    • SHA512

      818ed85caad185d16762ebad0158a6bb7cce98867db42bd94e42903c8115dbc78480276e128e4fc4838ea73cc49c556582a8c19cac0ee696bea0d8d7e83aaf60

    • SSDEEP

      768:7ptyil6JhgoR7QlKxnVbgvqxNJkVXK/Y/+p9:LyA6Qo7MKxnKvKNJYXK/5

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

agenttesla, credential_access, discovery, keylogger, spyware, stealer, trojan
Score
10/10

behavioral2

agenttesla, credential_access, discovery, keylogger, spyware, stealer, trojan
Score
10/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10