General
-
Target
5fa4565c20f3fee20c7756fdfc5c5ed79de21b1f6e623d5ce11d4d4db615bb9f
-
Size
1.1MB
-
Sample
240702-bdlyxs1arc
-
MD5
2eb576631622ab69db0cdfe659bd2e2b
-
SHA1
b7ca33d6bc9316e80fe62792b7b04a81c590c2a6
-
SHA256
5fa4565c20f3fee20c7756fdfc5c5ed79de21b1f6e623d5ce11d4d4db615bb9f
-
SHA512
d566a8f42b6b4be3fc6673778645d3bd6a7fe30c5bf439981cbf49ba0c14c5338280e839957686420eef1b9cb60183c4ae07107d09129fddf5e31c0cf62daf83
-
SSDEEP
24576:3AHnh+eWsN3skA4RV1Hom2KXMmHaM1+lNvMYOREg32TQ5:qh+ZkldoPK8YaMsVK3D
Static task
static1
Behavioral task
behavioral1
Sample
5fa4565c20f3fee20c7756fdfc5c5ed79de21b1f6e623d5ce11d4d4db615bb9f.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
5fa4565c20f3fee20c7756fdfc5c5ed79de21b1f6e623d5ce11d4d4db615bb9f.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
5fa4565c20f3fee20c7756fdfc5c5ed79de21b1f6e623d5ce11d4d4db615bb9f
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-