General
Target: SecuriteInfo.com.Win32.PWSX-gen.20546.exe
Size: 988KB
Sample: 221003-g5f5mscgbk
MD5: 65d31e97fb6186e0ae39e10d614c877c
SHA1: 00c5262a4475086727aadfa95dc9842ad48ae6ca
SHA256: 2107eeec59919ea8ec495701134e942d7f88d19de70b97016f1df74b16c8c90d
SHA512: 265644393b7f9207678207406e663c278747a00008a883fecc721ad51d217629950e9d5f474e5c909954c7d55132b950f691965dfab938300ea4ca8503e44387
SSDEEP: 12288:AciUK4HTNVwbY2B22wA0XgadEZWioT9uE9QA5VA97ITdiX/znJa/2lbXli90egfn:3wc2w250HPJ3/s0Jk/s61i907zz
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Win32.PWSX-gen.20546.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Win32.PWSX-gen.20546.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target
SecuriteInfo.com.Win32.PWSX-gen.20546.exe
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext