General
-
Target
d077b3075b08a6f6ae384794e0ddd8c6e509a029440ec56f1669288730e70898
-
Size
458KB
-
Sample
221206-rcsyvagg8y
-
MD5
cd97907dfa59649f4a1b346c4e4b8243
-
SHA1
470af611c44e77b16e7327816a08141ae6f3d9bc
-
SHA256
d077b3075b08a6f6ae384794e0ddd8c6e509a029440ec56f1669288730e70898
-
SHA512
1da9bb16b346f57b596ed7367ecb924a315106ddc4f1f7da633bc2016e6350459f5f00f7154a357deaa2d50464d451bec86801b5fec3edb46bda56f3d3a6a26a
-
SSDEEP
6144:PBnxm/hZudIIuLp0NmbAGtHFzLmDVSHAkDFt9oS2YE9gagaIw3cjwJYgintgA:LzdIZp2EtBiDVanDFtiS2t6agaW8wt
Static task
static1
Behavioral task
behavioral1
Sample
d077b3075b08a6f6ae384794e0ddd8c6e509a029440ec56f1669288730e70898.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
d077b3075b08a6f6ae384794e0ddd8c6e509a029440ec56f1669288730e70898
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Executes dropped EXE
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-