General
Target: 04785be37d3287305fda47f8fa032e9c8d6ee2e1ae8b5fc8f21c1523f3ea3e9f
Size: 1.4MB
Sample: 220521-nhwedaghdl
MD5: 88bbff6cb030215468a3065c548a8841
SHA1: ad7deef86beeba6dcaeb35e95fbb5a03a2539d8b
SHA256: 04785be37d3287305fda47f8fa032e9c8d6ee2e1ae8b5fc8f21c1523f3ea3e9f
SHA512: be2255d3145f6f2b03a8fe981115d559e617879f6a2a0c148ac612f82409c8a5cd9bd245eb2498a6f4a9792cf72d24404be3e2ee4e5f55daf73cff949de356c8
Static task: static1
Behavioral task: behavioral1
Sample: PO_KISS7.scr
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: PO_KISS7.scr
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: PO_KISS7.SCR
Size: 823KB
MD5: baa1fb8329f7fcc164e6ad74b2e38940
SHA1: af4f855ae6592eb49ca5b5769de98754739e6d5a
SHA256: fe10bd8b94969420ca12e6a499c8210fdb16153503387e53902b0fb1f418cd85
SHA512: 9ecdaa1bdbb7ba9302fa148994c86f5c644bc38eaf8bf939ac0b86bee15257895cc288f3e826c46bec46caeee1f2718769bc4463f9a4ebbd50be13ae28157735

AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.

AgentTesla Payload

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Accesses Microsoft Outlook profiles