General
Target: a99825a4e67381047a40882b19035d89.exe
Size: 836KB
Sample: 221001-jgfv3sgffn
MD5: a99825a4e67381047a40882b19035d89
SHA1: 5e62adeb2881aba4c9d53dac5337ba8e8ebf6ccd
SHA256: 8e13d2811b868a517d94bfe74134e172fa719c752510802cbb26a60131b7a9f3
SHA512: bdd83e1c6a21ba1d7dab2a474ed64ba0bb7ccec2946aea465cff1d800c1a54ba82499bdf288d03192e1639d3796609fe7a5b1e600d4195a0bd866bf78801b510
SSDEEP: 12288:z2iN7QhQ/Zl6+auQKuIcJhjeVa7FYDoSFJgnPecAz40gotP0oe:z1qC/2+aeBcJhaWFYDoSz4ecAz4Gtre
Static task: static1
Behavioral task: behavioral1
Sample: a99825a4e67381047a40882b19035d89.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: a99825a4e67381047a40882b19035d89.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot5618720367:AAFqeS2K5cBYFRaIBpS6oi_RaSYSI0_A__w/
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.

Accesses Microsoft Outlook profiles

Suspicious use of SetThreadContext