General
Target: SecuriteInfo.com.Artemis8D75B32933A7.14219.12415
Size: 597KB
Sample: 210421-rnnqcj93wx
MD5: 8d75b32933a773d2a57edd0385b2adb1
SHA1: 9515c6ba27814cc72fc11558a06546ac95c38beb
SHA256: 99c4db677174d26eb39dfc095ed2a8ff7b3716f0e0e9ad7a6064e28367bd5a63
SHA512: 00a30d6c62c12645f503f4b372a753929397958cb866c73020959dcb785deaa25fd7fa0719eb45d49b3fba0a911a6fe31c205463d2b543eb9ecfaafda6a189d1
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Artemis8D75B32933A7.14219.12415.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Artemis8D75B32933A7.14219.12415.exe
Resource: win10v20210408
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot1620445910:AAF2v81NoINJsu_XXnpGet1YDm-NxnznaIE/sendDocument
Targets
Target: SecuriteInfo.com.Artemis8D75B32933A7.14219.12415
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext