General
-
Target
transferencia de pago_pdf.exe
-
Size
799KB
-
Sample
221001-qkg1wahagm
-
MD5
00e78eaae97ed8ed417f77889fd1d231
-
SHA1
402044f3fe83b5a8d46592623b28f4a12c549750
-
SHA256
54e93af542ac3ef569b83e4c877e278e95bd1e9bc7cf48335975c42f7729fcd5
-
SHA512
1f2c0980b3a852e6949c23a205942a97b61e7700e98dc5a392fd5195f8a3f62d57ae18d5588597094e903059ca2bcbbf580ae08b21511365407e7fa0d9719562
-
SSDEEP
12288:pA12iNwwg3vloawk0WkV/oxlWaFTnBLIXGybuIRZMXXuqB85JUsvA:u1PcmaYWSgxl9IbNfMXeqYxv
Static task
static1
Behavioral task
behavioral1
Sample
transferencia de pago_pdf.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
transferencia de pago_pdf.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
transferencia de pago_pdf.exe
-
Size
799KB
-
MD5
00e78eaae97ed8ed417f77889fd1d231
-
SHA1
402044f3fe83b5a8d46592623b28f4a12c549750
-
SHA256
54e93af542ac3ef569b83e4c877e278e95bd1e9bc7cf48335975c42f7729fcd5
-
SHA512
1f2c0980b3a852e6949c23a205942a97b61e7700e98dc5a392fd5195f8a3f62d57ae18d5588597094e903059ca2bcbbf580ae08b21511365407e7fa0d9719562
-
SSDEEP
12288:pA12iNwwg3vloawk0WkV/oxlWaFTnBLIXGybuIRZMXXuqB85JUsvA:u1PcmaYWSgxl9IbNfMXeqYxv
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-