General
-
Target
391efe10896bf499fc925486977ff31c400b4356c05bcc5f6cde2cdeca4d728c
-
Size
2.9MB
-
Sample
220521-n3hc9ahffm
-
MD5
88a15ec9074875aea41b4656dfcbc8e7
-
SHA1
1dd9a1c5c87b974fe2b4e3620ae8d45a368a050a
-
SHA256
391efe10896bf499fc925486977ff31c400b4356c05bcc5f6cde2cdeca4d728c
-
SHA512
2549323dcb77ee72b2109ee3d4817149728f14e0a5dc533d09c2201956fe484ac5e9db76c235b0bede397d760cde64e7dc6534335e2fde71693498c9b3842ec4
Static task
static1
Behavioral task
behavioral1
Sample
REF-091100679-BEC.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
REF-091100679-BEC.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
REF-091100679-BEC.exe
-
Size
3.4MB
-
MD5
eb418cc79fca67e60db5625ef121773b
-
SHA1
660a24da2ba60704e4bc093b22dd66ff19b6770d
-
SHA256
8948e4e0f392197b1c1436e5f7a2a7bc326c849b6129d8cf287a6d6a03cd642e
-
SHA512
59f0992496b81b166f0ea1bf75e3a8e7d759ec4fcb20b163849f4e2c3cb1c384952b7ed93942bab95b92102a39d42209bf4502204206dc9c93fe218de4cdda91
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla Payload
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext