General
Target: file01.ps1
Size: 301B
Sample: 230401-ad1awaef34
MD5: 5e48dd2ff7681f4657790bf9e6dece94
SHA1: e303d20bcc18aa027e752a8a56cd6ce14d3b239a
SHA256: a08f454cf7acc9dd6c0cab691612f3364df7884acedc307ee96fb96edd6f5c96
SHA512: c662080e42a01df40374bfa100a0f4d1151862f688c573bc2ef98661d163d0ee7d22e5af812c9858da683db8f960ee3e3ba94a090d79d242d1f74d1835b9e368
Static task: static1
Behavioral task: behavioral1
Sample: file01.ps1
Resource: win10-20230220-en
Malware Config
Targets
Target: file01.ps1
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
- AgentTesla payload
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2