General
Target: 5.exe
Size: 337KB
Sample: 211021-ls12haabb8
MD5: 4bf09e07b7fc87d82d8115be87c6a12c
SHA1: 25ddf6b761059153b1fde62904aa234e70c805de
SHA256: d0520ad19e2860d5fee803399fbfcb676a47f0eeb98104dbf1eb3396ac10dece
SHA512: 2f0d40bed0c65bb59be99a6ac7176de896b364b8b8f651d2704320bdae5019b82120029bd1224312feb9b1586895c838a2e03d9ce5093d9774852f06de6b429a
Static task: static1
Behavioral task: behavioral1
Sample: 5.exe
Resource: win7-en-20211014
Behavioral task: behavioral2
Sample: 5.exe
Resource: win10-en-20211014
Malware Config
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Loads dropped DLL
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext