General
-
Target
32c8230019e23982d4215f224a8d89cb9d829c14f8bbbc8b631d021051842806
-
Size
1.1MB
-
Sample
240701-bnfvna1hnf
-
MD5
294eb8bf4a8373f515e8add657f0335c
-
SHA1
86bf6e750084f974a1984c6694d5a814c05dd6bb
-
SHA256
32c8230019e23982d4215f224a8d89cb9d829c14f8bbbc8b631d021051842806
-
SHA512
552dfab22f6fbf12409293d430bb19929c2f0ab62b7ba4fb9a3b885b9399c2cd107df07b6430b64dd8f95e0565df6eea701d58e18b1477b67a91af23c2980151
-
SSDEEP
24576:IAHnh+eWsN3skA4RV1Hom2KXMmHaNMDi++LDD5gOD/2H/jF/Y5:Ph+ZkldoPK8YaN6ixLDD5gOjso
Static task
static1
Behavioral task
behavioral1
Sample
32c8230019e23982d4215f224a8d89cb9d829c14f8bbbc8b631d021051842806.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
32c8230019e23982d4215f224a8d89cb9d829c14f8bbbc8b631d021051842806.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
32c8230019e23982d4215f224a8d89cb9d829c14f8bbbc8b631d021051842806
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-