Christmas Tree and Wishes.exe – AgentTesla Stealer

February 1, 2024

SHA256: 57653821b3827abd3779dcfc3a2d03f480eccf8beab8bc541ecda5aa9dc1bdcc Summary Christmas Tree and Wishes.exe is a .NET compiled AgentTesla spyware/stealer that collects OS information, credentials, and user data from a variety of applications. This…

thm.hta – Metasploit Shellcode Payload

December 28, 2023

SHA256: f94702fecc39579eab7f51a1519495c78d2413daa652a9e989414af2528926e6 Summary thm.hta is an HTA file that contains VBScript code that will create a Wscript.Shell and use it to run a Base64-encoded PowerShell script. The PowerShell script…

file.exe – RedLine Stealer

November 9, 2023

SHA256: e4e34c7653ddd8547649fe50cff8dec79f6368cd9251be4ab210f03faf4ce1e4 Summary file.exe is a 32-bit C/C++ compiled Windows executable. This malware, identified as RedLine Stealer, is an infostealer that collects information from the user's system, browsers, and…

Request_for_Quote_(COCA_COLA)_7788MX·pdf.vbs – Lokibot Downloader

November 7, 2023

SHA256 Hash: b4800773e3eee6e8a976552273774861c9e1d347e8d5ae500fc8b6c10bc73215 Summary Request_for_Quote_(COCA_COLA)_7788MX·pdf.vbs, identified as GuLoader, is a VBS file delivered by malspam as an email attachment. Its goal is to get the user to click on the…

PDF IcedID Downloader

November 2, 2023

SHA256 Hash: 6e9a63ae124bdb1a0329932bdb55c1d95e5c2e0020e1627cf4c5f2342db8e1d4 Summary When opened, this PDF document, utilized in phishing campaigns, will prompt the user with a clickable link stating that viewing the file requires you to download…

Winforms.Binder.exe – Snake Keylogger Malware

October 31, 2023

SHA256 hash: 9734c8dcfd274b038523356935eadc3ff4f7c4b71542def7926f723d0872ca0b Summary Winforms.Binder.exe is a .NET compiled binary for the Windows 32-bit architecture. It contains obfuscated code that ultimately unpacks and executes a Snake Keylogger payload within…

AZCHQN.exe DLPK – A .NET Compiled RemcosRAT Binary

October 26, 2023

SHA256 hash: 7e7575bfc0c9d85c561fc0c69b2bec3b985bc99a4d668f0cccc30acc4bccf686 Summary AZCHQN.exe is a .NET compiled binary for the Windows 32-bit architecture. This executable will unpack RemcosRAT malware and reflectively load the assembly code into the…
