General
-
Target
A007 Termbase.msi
-
Size
26.4MB
-
Sample
240427-2j8yraab48
-
MD5
0d74999e3ce596667b1cef92ebac05fa
-
SHA1
f4cecf3d7f2563b5c74c86f744061e338d2d3421
-
SHA256
6d0e896d138e1e12f3c29a4fe7b91618774a7aa59fe1a818853d32c8b06786f4
-
SHA512
e36740d392e751e94f3273d68e6235b03b96ca5f9a63f33ea0a7b3a19545be1cc889aa245c4a85a318e2b36cbcc31c356911476a58d24c9f16f4a18fd419f245
-
SSDEEP
786432:UeBHVLpoSprl9J1P2nYOWMzgpEH68ppppppppb:U21poSRPynwMzgpEa8ppppppppb
Static task
static1
Behavioral task
behavioral1
Sample
A007 Termbase.msi
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
A007 Termbase.msi
Resource
win10v2004-20240419-en
Behavioral task
behavioral3
Sample
A007 Termbase.msi
Resource
win11-20240419-en
Malware Config
Targets
-
Target
A007 Termbase.msi
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla payload
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-