General
Target
1aa0a694514e8d6f9c6bac9ce30012da.exe
Size
858KB
Sample
221001-jgzcesffe2
MD5
1aa0a694514e8d6f9c6bac9ce30012da
SHA1
178a1fa31de25bb407711c0a15bbca17379da858
SHA256
6a45965e8432c999b09077ed80bea92d88221b1acdc4438cef1fced193e9e775
SHA512
3343cbd81701884d027ed369fee8ec498a8e8ed5f96bc842629afa59a47177d0e41ea6e7e7cce3280ce4afbcdef579b5646bb20f78505bb28b2123a96b5097dc
SSDEEP
24576:QpIX6XsLSYSx9z+WbvFKgiyoYSbAn0zyq:Q06gSBxbKyScn0zy
Static task
static1
Behavioral task
behavioral1
Sample
1aa0a694514e8d6f9c6bac9ce30012da.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
1aa0a694514e8d6f9c6bac9ce30012da.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot5618720367:AAFqeS2K5cBYFRaIBpS6oi_RaSYSI0_A__w/
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext