General
-
Target
ac76f7c2a4bdf1384741cf285a0320cb0534d8c6b71bfccc3934d85496a4057f
-
Size
770KB
-
Sample
220930-vs4l3aebe8
-
MD5
85b652b9ce1c68f18491a73b98bd2a7b
-
SHA1
7d0eb3cf15fbf153db57b979ccac546028b8c9b6
-
SHA256
ac76f7c2a4bdf1384741cf285a0320cb0534d8c6b71bfccc3934d85496a4057f
-
SHA512
2913483e942175f7fa446517f942188f6ba2f70c5fcb2041f73616a8492947687f6bf79f3a1bc3c2dfca5513b6693ec4c539eb70aee031743fe5eab7ae61c8c9
-
SSDEEP
12288:wTDLuk6bzkXSdqYEWYaobcKpIxwdtJY1nkQiCYlNny7:oIbzkioYEWYTcpuep
Static task
static1
Behavioral task
behavioral1
Sample
ac76f7c2a4bdf1384741cf285a0320cb0534d8c6b71bfccc3934d85496a4057f.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot5618720367:AAFqeS2K5cBYFRaIBpS6oi_RaSYSI0_A__w/
Targets
-
-
Target
ac76f7c2a4bdf1384741cf285a0320cb0534d8c6b71bfccc3934d85496a4057f
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-