General
-
Target
URGENT REQUEST.zip
-
Size
542KB
-
Sample
221002-npe1zadce4
-
MD5
c74ed9c929e8d1f257ac4c7f72bd7ae4
-
SHA1
2163aeb830524aee6be12083a998f0f0682a39fa
-
SHA256
8fe565d0d9814b5e6430d3799676b1a3b5c24e64bde8a1f7f832aef1f86946e7
-
SHA512
a4c74f6ad4512ae000d75e7753e267bbd0c312e050d0e6293814bf8531120998a4897ec0ee41bf6c509e077ee00996feb4407d1170f728efa864e7cb9fdde369
-
SSDEEP
12288:mFMYbcEF1Owk8+CNZrBsmq3JbpO7UfTq/wkZu7g/xyakM5nf:3Ybcg3iCzC3vO7UbStu7s4akmf
Static task
static1
Behavioral task
behavioral1
Sample
URGENT REQUEST.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
URGENT REQUEST.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot5357159221:AAEuOoQ0pUc4ccIZou0EJ5Zin0mMneE2jYg/
Targets
-
Target
URGENT REQUEST.exe
-
Size
796KB
-
MD5
201b7a345545cb2cc3342793c126aa41
-
SHA1
4d1843c7a4a13758a904df9d0d094d10ee926c2e
-
SHA256
93323042c6db7f7e6a25b786f78e6be3c57f6d2b7d4d18394497f366bd5c2785
-
SHA512
7e1f1f14ad52955d5bfe63be3707bfe25a1edd75b4a9f8944333a02edb4aa62d3e04d1d810961c70d027aab1d92da8c4e4b95b853b3502f6ea11bf43855fa7d4
-
SSDEEP
12288:6xII2iN/a+gNXrfomo7VZpOvU9JqJwYFuEADqjJ5n3:e1bgVq7xOvU7CjuOjr3
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext