General
Target: MTD INVOICE.exe
Size: 1.7MB
Sample: 210121-dtsd2kjkxs
MD5: 4092525e839da8873440c5619f062285
SHA1: 21636b3e4ededf12c6fcd9efe670a233eba35da5
SHA256: 4683baaccd097fc0a52df310893719aab01e445170f17132451a2aa2a64c9526
SHA512: 03659db211e5361e3327783f5f94d45492f59914fe7218c761e4dbc98fba41bdcf83464710f61caa91eab3e5f3cddf4bba96bd64c5f596f6236d9982833bfbfe
Static task: static1
Behavioral task: behavioral1
  Sample: MTD INVOICE.exe
  Resource: win7v20201028
Behavioral task: behavioral2
  Sample: MTD INVOICE.exe
  Resource: win10v20201028
Malware Config
Targets
Target: MTD INVOICE.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Drops startup file
Suspicious use of SetThreadContext