General
-
Target
993abb59380ab0b53cd3da2816d2465f15e0a71c02afb0573c99761a0399fece
-
Size
8.6MB
-
Sample
220927-hs9f4acgf6
-
MD5
4948b929bb208f93f38d5be571a5bd22
-
SHA1
eb5017c6267104558bb39df35b9b90805fb4c07e
-
SHA256
993abb59380ab0b53cd3da2816d2465f15e0a71c02afb0573c99761a0399fece
-
SHA512
6c2a4d68e62504d29ed358ca36c5665b9f24f4be2576649fe0f0eec5bbe9d547c24b2fe382defa8fe17a37e114db5d8e4e7273dbf86fdcf61916ec9b0a1b69d1
-
SSDEEP
196608:RKFOAV2QsyH3zEPmvdsBc84njQthsiHzy7kAqaJrDZezvjNV:IOOnzJvaBcdnKhs57LJ8z
Behavioral task
behavioral1
Sample
993abb59380ab0b53cd3da2816d2465f15e0a71c02afb0573c99761a0399fece.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot5657488012:AAHDN1koYHLz9mNQgDuQb9LHKBhj178QI_g/
Targets
-
-
Target
993abb59380ab0b53cd3da2816d2465f15e0a71c02afb0573c99761a0399fece
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-