General
-
Target
bdb0ac70bebc81279991b9c105c59359f2f32eec88f46d51d2b651c0d7bfda58
-
Size
1.1MB
-
Sample
240629-bfy19szfrl
-
MD5
4077c39a97bd611f516e776dabe66964
-
SHA1
489f49a978876c252d0279a8665de8c44ab49bc7
-
SHA256
bdb0ac70bebc81279991b9c105c59359f2f32eec88f46d51d2b651c0d7bfda58
-
SHA512
9f3f98f6ac16083a58d66254cd31eefb3f66b5c383713cf48ad915d47d4287a7261dd0d68384f9081ec82a10c13d3c16747fce6c12d3021914b5f3d10658c7ab
-
SSDEEP
24576:XAHnh+eWsN3skA4RV1Hom2KXMmHaD5HQk3ErvZuJ85:Kh+ZkldoPK8YaDJl3EDv
Static task
static1
Behavioral task
behavioral1
Sample
bdb0ac70bebc81279991b9c105c59359f2f32eec88f46d51d2b651c0d7bfda58.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
bdb0ac70bebc81279991b9c105c59359f2f32eec88f46d51d2b651c0d7bfda58.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
bdb0ac70bebc81279991b9c105c59359f2f32eec88f46d51d2b651c0d7bfda58
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-