General
-
Target
8a32017e36960f365076023db2432821.exe
-
Size
6.2MB
-
Sample
220926-j6pvaaaad4
-
MD5
8a32017e36960f365076023db2432821
-
SHA1
a7baf8eb36dad4c6c8ab1ed7beeca6502ec75ebb
-
SHA256
d7f913d0c42823a04e980b79d3a2d59cb7f3e5010ab76be3deff721ceaa6be18
-
SHA512
f638cdf2299dba1057025ee514d14689ef3b37aefc58113d2efed721e494d72f16576a4dde0bccc60576665cc86469c86743351cab47fd692b7687cd37fe33da
-
SSDEEP
196608:gx6dQmRrdA6lakaqdVTmRR0Df5lG7Knn:FdQOlawdIRRK5s8n
Behavioral task
behavioral1
Sample
8a32017e36960f365076023db2432821.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
8a32017e36960f365076023db2432821.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot5657488012:AAHDN1koYHLz9mNQgDuQb9LHKBhj178QI_g/
Targets
-
-
Target
8a32017e36960f365076023db2432821.exe
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-