General
Target: SecuriteInfo.com.Trojan.DownloaderNET.345.1426.23758.exe
Size: 368KB
Sample: 220930-s2ggsaehen
MD5: 33e68a7510dcfb5bde633f26fdeca472
SHA1: e680a3fdd550eb4a6aca20b30a36e05eb45415ea
SHA256: e8cb54fc07335dd8c060f355cfb8df7b13ef33f6a3b7e29020be099c08228bbb
SHA512: 736e594d7d855053cab8809228e005d0217b0010b60bb71bd5cc8d4dc1604c7703dc884d0cbb0c6f9e27cb73a6cfe2c9095c258ba4fd4a991251fe5419919fa2
SSDEEP: 6144:BWanHVEMY712J9kd4hOktonWXXcd/yy1a+:nn1E5E/bhOktonWXOKy1
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Trojan.DownloaderNET.345.1426.23758.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Trojan.DownloaderNET.345.1426.23758.exe
Resource: win10v2004-20220901-en
Malware Config
Targets
Target
SecuriteInfo.com.Trojan.DownloaderNET.345.1426.23758.exe
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-