General
Target: SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe
Size: 953KB
Sample: 221208-ry7zwsdc4t
MD5: cb07eb3442be989b2417e6797544f208
SHA1: d86669fd5315e210ab3d9fa46ed06f9e6f8c1729
SHA256: aedbd8290eb3bea7a561c8f099f0005dc37e2597eeb34264e92b0df88a6b4109
SHA512: 90a943732b4254c7d8c01d4c78a2acfadd189db654cc6a51dcc2ac8fc632a8bb2694a2bdb412630ea15543b44079c73ff9942f47cfca21f20af43ec782813097
SSDEEP: 24576:7Sjql9eypjik0AY1h/TFuau/QhZmBH+V:0q3eYjijj/JuaMQhSH
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot5792273343:AAEA9U7DCI4qHTq4iHfT5XkdD5IEsA0KtTo/
Targets
Target: SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext