c1c46e45d0b8b42cf005b9e9bd380e4de9ee18d67901d5558dab688aa8c41fde

General
Target

c1c46e45d0b8b42cf005b9e9bd380e4de9ee18d67901d5558dab688aa8c41fde

Size

997KB

Sample

210122-e88fsgxq8n

Score

10/10
MD5

0a9b614f17f76e64252ba5120f26e49b

SHA1

7dd0df3dcc6f275471605434eef5e27681673683

SHA256

c1c46e45d0b8b42cf005b9e9bd380e4de9ee18d67901d5558dab688aa8c41fde

SHA512

e851ee7ec9a7be3b2fe39e10abad51c5f2ba872f6df63ada814836c0a609dc5b52839f1c09b78fa65e8ef938bd13ae80424cd320862ae405d7429cdf0df37765

Signatures

  • Suspicious use of SetThreadContext

  • AgentTesla

    Description

    Agent Tesla is a remote access tool (RAT) written in Visual Basic.

  • Reads data files stored by FTP clients

    Description

    Tries to access configuration files associated with programs like FileZilla.

    TTPs

    Data from Local System, Credentials in Files

  • Reads user/profile data of local email clients

    Description

    Email clients store some user data on disk where infostealers will often target it.

    TTPs

    Data from Local System, Credentials in Files

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    TTPs

    Data from Local System, Credentials in Files

Related Tasks

MITRE ATT&CK Matrix

  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation

Tasks

static1

behavioral1

5/10