General
-
Target
4d5857f2906499f68653e5cb62a73f0ac6c70e5859ad38f6758fb66b82c383de
-
Size
1.5MB
-
Sample
240702-bfzb2avarn
-
MD5
a00f60a1940fdfea4403c43a0c4aeb4c
-
SHA1
72ff8b40ade0c4acf26bb4b7dc3368170c551609
-
SHA256
4d5857f2906499f68653e5cb62a73f0ac6c70e5859ad38f6758fb66b82c383de
-
SHA512
53b15b5a1731da07551b3109d4ad1f74e0fd9f849c4bfd4b9ce671c22e79bf31922f23ab8ce13d3ddd8d14a7ef4ea04c2e70c2bf2f585e1125822cf005995b4c
-
SSDEEP
24576:sAHnh+eWsN3skA4RV1Hom2KXImsPLepS2M4fJ7ww0R5:Lh+ZkldoPK4NPLeqQ7D0b
Behavioral task
behavioral1
Sample
4d5857f2906499f68653e5cb62a73f0ac6c70e5859ad38f6758fb66b82c383de.exe
Resource
win7-20240611-en
Malware Config
Targets
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-