Extracted

• • Target

    New-order634657364856474.exe

  • Size

    697KB

  • MD5

    5a5060bfe6e6b3aa2570756ebf3624a7

  • SHA1

    4db4e7fac0fbe044cd7f60f55db322e24f6cc139

  • SHA256

    1c3b40e16baa8378b035a428da10fd16fdd13da968c4222325d9bd72eb34b736

  • SHA512

    b461487a55f7136c831f9cf4924fdc7b0c46487be16e2a1b26079b46cd2cf1e06388864861fff2f4d374f79bcd47aaebebcac91bb865d66532ca958cecc21f4b

  • SSDEEP

    12288:XT/rmFskovj8WI1Rzv3TdPOXfPpitgMkAXfXZJkaCRUgU6gZaPTXVA:XTD3TL8J1Rzv3pmvxitgYfvFMUHMPJA

  Score

  10^/10

  agentteslaguloaderdiscoverydownloaderkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Agenttesla family

    agenttesla

  • Guloader family

    guloader

  • Guloader,Cloudeye

    A shellcode based downloader first seen in 2020.

    downloaderguloader

  • Loads dropped DLL

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of NtCreateThreadExHideFromDebugger

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral1

• • Target

    $PLUGINSDIR/System.dll

  • Size

    12KB

  • MD5

    6e55a6e7c3fdbd244042eb15cb1ec739

  • SHA1

    070ea80e2192abc42f358d47b276990b5fa285a9

  • SHA256

    acf90ab6f4edc687e94aaf604d05e16e6cfb5e35873783b50c66f307a35c6506

  • SHA512

    2d504b74da38edc967e3859733a2a9cacd885db82f0ca69bfb66872e882707314c54238344d45945dc98bae85772aceef71a741787922d640627d3c8ae8f1c35

  • SSDEEP

    192:MenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XBaIwL:M8+Qlt70Fj/lQRY/9VjjgL

  Score

  3^/10

  discovery
  behavioral2