General
Target: invoice#20221002____________________________________________________________________________________________________________________________________.zip
Size: 9KB
Sample: 221003-hmgtwsdfbq
MD5: ada1c216ae056e326f229967833cf4dc
SHA1: e4dc55bda469383e93225a6f517f94d8e2e0f553
SHA256: 38ca9ff2307ce3b790449315ee0ce3cfbecef95019a5cca0e99cde1f4f55a7c2
SHA512: 21e8dbc9c8b92f8dd78611573dce5f0ec9ac2f1675fd48da883588a09b106b24be5159e416bd1f2d67af25f4c32e707082a14ae2ac45f470950f43d6060ec763
SSDEEP: 192:t5dIffQXln6KCEvBeJON4b5aIfCoU/GBnI1iyP7ZA2oOVc4y:C3+ln6Mv4ON4EIfCLGBnIoKa2o+S
Static task: static1
Behavioral task: behavioral1
Sample: invoice#20221002____________________________________________________________________________________.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: invoice#20221002____________________________________________________________________________________.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: invoice#20221002____________________________________________________________________________________________________________________________________.exe
Size: 18KB
MD5: 7afa2f4be1635ca9af331d33f79419e2
SHA1: d0a75b94bc15f1ca1ed16ae405642e71577ff957
SHA256: 86b7ec267f285d43d22ec3695509320d65482b985e1aca941213088fb0925980
SHA512: fb5adf32b0cafe2d0f007b5920ebd9f47fa242912c449393b8eb7f35fb61cf6373197a32e41b0259a09b9ad99e6dea4ed73b33a56c1eac4b5395f6c9cd6672c4
SSDEEP: 384:TG6PsqGJpt09ShA49gfFK1NpQ8IQyxmpGvQoy:yostJpt09iAugfz8I1xmpGYn
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Accesses Microsoft Outlook profiles
Adds Run key to start application