General
-
Target
πληρωμή.exe
-
Size
1.1MB
-
Sample
240701-pyp3zascqc
-
MD5
3c30de0fd7100f3164c9c22bbc2ac4ab
-
SHA1
7b64375fd402d454bb6e5d4bc32e42e7f91bff93
-
SHA256
09ab573f113776723177f6b3dc19efb6c0a638ff5507a0cf587f4e5a67a61346
-
SHA512
18d408a38123ee77e2f11ccae871efb2766752fc62393fd7b87c53a8e6b8fdaa981d9e4b2c25102fe9003eec6b07f3bd5a0b1e62bb3b31a7688b38ae81a2e583
-
SSDEEP
24576:GAHnh+eWsN3skA4RV1Hom2KXMmHaxwOSzSMZIo/5:hh+ZkldoPK8YaxHS3ZIM
Static task
static1
Behavioral task
behavioral1
Sample
πληρωμή.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
πληρωμή.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
πληρωμή.exe
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-