General
-
Target
JaffaCakes118_99c99ae716fba538d8685f2e9d5f9be5
-
Size
430KB
-
Sample
250108-l4jatsxngm
-
MD5
99c99ae716fba538d8685f2e9d5f9be5
-
SHA1
4aac17819f8dc6a9435481fda825936c47aeb489
-
SHA256
9dc6644b59a4c37995b0c017256d938e03f6dc26a7b2cfee9f6eac92d8457dc6
-
SHA512
aafd92aae54543999bc54cc9f3ab1126a52c5d91e4bbca17c9bf07d36132c84c1b76e945d1ce3ccd5dcecb1d187a225ed85423ab0338ccbc7dc016a9ed1e6750
-
SSDEEP
6144:hBlL/+lrHomkbgytaFTAGGW56pXrT6DpFpK7ULtVjHIvDp2IWyxRKQXPn03fmoGT:nNbrGAGGy6pXAhqYA8IhPOfmoGT
Malware Config
Targets
-
-
Target
JaffaCakes118_99c99ae716fba538d8685f2e9d5f9be5
-
Size
430KB
-
MD5
99c99ae716fba538d8685f2e9d5f9be5
-
SHA1
4aac17819f8dc6a9435481fda825936c47aeb489
-
SHA256
9dc6644b59a4c37995b0c017256d938e03f6dc26a7b2cfee9f6eac92d8457dc6
-
SHA512
aafd92aae54543999bc54cc9f3ab1126a52c5d91e4bbca17c9bf07d36132c84c1b76e945d1ce3ccd5dcecb1d187a225ed85423ab0338ccbc7dc016a9ed1e6750
-
SSDEEP
6144:hBlL/+lrHomkbgytaFTAGGW56pXrT6DpFpK7ULtVjHIvDp2IWyxRKQXPn03fmoGT:nNbrGAGGy6pXAhqYA8IhPOfmoGT
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Agenttesla family
-
AgentTesla payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-
-
-
Target
$PLUGINSDIR/woskyvpzx.dll
-
Size
19KB
-
MD5
dd4ff4b24f8b39951e3946a5282b7ed0
-
SHA1
d4d1015d01326ba4526fcff52e4c9bbb271d951e
-
SHA256
f880d09a6f9bc64f974844f92fa9bb764dc2613342fde134d8c037a2267506bc
-
SHA512
6e822b523f15948a42b1d2703525c8f3744fbb6a7e3aff99345908822fbd65dafe38d6972976211f9558c712d65be1c1a42bb9dabb63fb4576c409ce95e93528
-
SSDEEP
384:ZS6zZ1fZeiwx2OoULif7NSrSinQyTL8vj:ZTzZ1BeigaxSrSi2
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Agenttesla family
-
AgentTesla payload
-
Suspicious use of SetThreadContext
-