General
-
Target
doc2345689965624_PDF.exe
-
Size
754KB
-
Sample
221003-jhlgysdeh9
-
MD5
d1b7a506e8304005a3a8023e36b50358
-
SHA1
a253862e719a7bb806a62434e9a10161a6fca713
-
SHA256
6ef9a376afdb282ef522864e538136e5351108451c5ee92410d5b4c14ad20342
-
SHA512
9e53f5f48c9b0e330a17ee0a5ff1234d444457060b65328093bcf83f28d2a68420532ae133aeb37689763f5e1723dd12c2a684205af6613dcb284809fb250b6a
-
SSDEEP
12288:aj/jmj+PyiU5shDxSVI3ACKKogxtSEHJvfzeTrvuk7GKsqGYc:Q/cliYcSVI3AQtS+zGvzfslz
Static task
static1
Behavioral task
behavioral1
Sample
doc2345689965624_PDF.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
doc2345689965624_PDF.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
doc2345689965624_PDF.exe
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-