General
-
Target
SecuriteInfo.com.Win32.RATX-gen.2981.2517.exe
-
Size
48KB
-
Sample
221205-rt6ahace3s
-
MD5
ca22743ddd287e5771994cbc5512a7ae
-
SHA1
1550f48c5328155339f218ffddd46b9f1b962f8c
-
SHA256
10a93da7c42086684ef092f01843f6e69393d91222fe6ee894d4cee54a8715cd
-
SHA512
b607920f7a057cc244fab520cf58018d3d641aa5cfbf9bddcf19353edf5425a06fbf70a8ddb350f636619a73ac1fa73e74e58570d0dcb64c1a24b3b622a65196
-
SSDEEP
384:9TVeQ9Lgmr2roG8tUHHojSeOiV9qXBKmFptYcFmVc03K:9TVeuAoGFHHfXtYcFmVc6K
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.RATX-gen.2981.2517.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win32.RATX-gen.2981.2517.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot5764062937:AAHmiesTr6Z7n5aCQmZlon17u47KFOBnTT8/
Targets
-
-
Target
SecuriteInfo.com.Win32.RATX-gen.2981.2517.exe
-
Size
48KB
-
MD5
ca22743ddd287e5771994cbc5512a7ae
-
SHA1
1550f48c5328155339f218ffddd46b9f1b962f8c
-
SHA256
10a93da7c42086684ef092f01843f6e69393d91222fe6ee894d4cee54a8715cd
-
SHA512
b607920f7a057cc244fab520cf58018d3d641aa5cfbf9bddcf19353edf5425a06fbf70a8ddb350f636619a73ac1fa73e74e58570d0dcb64c1a24b3b622a65196
-
SSDEEP
384:9TVeQ9Lgmr2roG8tUHHojSeOiV9qXBKmFptYcFmVc03K:9TVeuAoGFHHfXtYcFmVc6K
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Accesses Microsoft Outlook profiles
-