General
Target: RQN0004266.exe
Size: 1.7MB
Sample: 210118-y4v5fybqjs
MD5: 029653c5e3866ae379a555f680cbc217
SHA1: 3cb1808ccfa92368a715ae587d0cc32c8dfe7ef2
SHA256: 093100d4a5dffd87156a5d8cea59e341536b607b21b252365a8d2903a6eebf32
SHA512: 80452f911ff4a69bdc010d767d594ccb086685955a0710c0c8e5d5ad09be4af0d6316ec58a44187aee06b5e9a27f1f31117546c8e77a3b316b16b551d94e280d
Static task: static1
Behavioral task: behavioral1
Sample: RQN0004266.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: RQN0004266.exe
Resource: win10v20201028
Malware Config
Targets
Target: RQN0004266.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Drops startup file
Suspicious use of SetThreadContext