General
-
Target
d7528856e790f108495fbeb1b399880aff6ce2299508e89e3d1a7785195abccd
-
Size
357KB
-
Sample
220521-pey7jafbe7
-
MD5
8ab0b713620f8c0853850025388ea959
-
SHA1
e8393d93fed4aee737fb86116bcc0f7372ca5529
-
SHA256
d7528856e790f108495fbeb1b399880aff6ce2299508e89e3d1a7785195abccd
-
SHA512
be397854cc2e095896bd316d643d163b11f36c1bc5c257f66bfdf0c39ea6cf5254131082d3dabadc3440b0b5ca925466797dcb09cff8cfab54c4d6417a398fbd
Static task
static1
Behavioral task
behavioral1
Sample
ORDER SPECIFICATION .exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
ORDER SPECIFICATION .exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
ORDER SPECIFICATION .exe
-
Size
371KB
-
MD5
8906f59d18e4741a5a04a85a5019daff
-
SHA1
8d7e572c92e9d6c6f4b9235f5eb68ac2dbec9d81
-
SHA256
04d2aed5efa5c8be62734ea19613f7fa5cbbc521118e1f680f7b9f27be0c0d6f
-
SHA512
f53026f24ad51c0e68e188e390f4873ed20b598dc7fa079a0d2dd183418efc17c867ae98dd28b3440a65bd03115dbbd74d1138cc128b8511943867b3ff4a6a98
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
CoreEntity .NET Packer
CoreEntity is a .NET packer that embeds the payload as a Bitmap object, which is later decrypted.
-
AgentTesla Payload
-
Accesses Microsoft Outlook profiles
-