General
Target: 8bee7b24dcd50461e9c801f48cf2d57713595ad7086c4e4726131120e3743059
Size: 1.1MB
Sample: 240630-bk3v1svdjl
MD5: 34bb671b65cb03dde19c0b6d99fe4649
SHA1: 0803e7064b1117ce2957503558dcd142013a6c46
SHA256: 8bee7b24dcd50461e9c801f48cf2d57713595ad7086c4e4726131120e3743059
SHA512: a8057bf2aad678f8e9a8f1cf75a6d461f80b2839f8ccee70ffb00f75fa6180638d19dd3b5d1b87cb90f78bb88e651b1b850f3e7b7dde11c8ae1a9c90ef160139
SSDEEP: 24576:VAHnh+eWsN3skA4RV1Hom2KXcmtcKLEnpE3dyB0vG:Eh+ZkldoPKsacK4+Ny
Static task: static1
Behavioral task: behavioral1
Sample: 8bee7b24dcd50461e9c801f48cf2d57713595ad7086c4e4726131120e3743059.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 8bee7b24dcd50461e9c801f48cf2d57713595ad7086c4e4726131120e3743059.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: 8bee7b24dcd50461e9c801f48cf2d57713595ad7086c4e4726131120e3743059
Score: 10/10

AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext