General
Target: 10f4301b2a3ae07b38c8153179a42e10
Size: 507KB
Sample: 210727-3bs1h25ap6
MD5: 10f4301b2a3ae07b38c8153179a42e10
SHA1: 660432ba5598a91b4123a8296c5801dc21aaaf91
SHA256: 2ccaa6433590b5f135f49de557167dd9bae9e2a80f5550a6379da77e336a0296
SHA512: 93fef9ac5e4d241db79a917e1e9115b9f50195028cd6e344816092aa6aadeb0b5f3ee48ab4b6af590f156c9c884efa879aa343a84b5bff00446a0247c93dd785
Static task: static1
Behavioral task: behavioral1
Sample: 10f4301b2a3ae07b38c8153179a42e10.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 10f4301b2a3ae07b38c8153179a42e10.exe
Resource: win10v20210410
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot1846829589:AAHSsEDTKvDOQ17YrNRY5_FXv5z4mpfGRIc/sendDocument
Targets
Target: 10f4301b2a3ae07b38c8153179a42e10
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext