General
Target: K.G.B MalwareShield.zip
Size: 1.4MB
Sample: 230804-rm3k2abc23
MD5: e7eaf03f6c686a3fc15a112fde411687
SHA1: 0e1dc9e90c62fdc48bdf265aaf8288b104105459
SHA256: f7b38b50fca4257c95e6d62d340ad627d32b262f80cd844ed3f91e500a55fd96
SHA512: 9f1eb780116d0204c0e8fc110e8dd2ffb2ff4c039b284ffead032cdbb93198c76f2561bf6068c832e17b21489265e96fb586f1d60baf33137ec8f76ebdd83565
SSDEEP: 24576:SGA9Na6xbZxpjl7kIIT4TqU9hkg6/QE0cbODhZGiErmZf+7stxVwoYhG:wNa6Jpjl2T417i/QE0cqDhrErGYoAG
Behavioral task: behavioral1
Sample: K.G.B MalwareShield.exe
Resource: win10-20230703-en

Behavioral task: behavioral2
Sample: K.G.B MalwareShield.exe
Resource: win7-20230712-en

Behavioral task: behavioral3
Sample: K.G.B MalwareShield.exe
Resource: win10v2004-20230703-en
Malware Config
Targets
Target: K.G.B MalwareShield.exe
Size: 1.5MB
MD5: cec45c255db218c9e338d4458a6f08f6
SHA1: 948698d59953ca85830c55c96f4a555045571f88
SHA256: 24e21452ca2ca14d759868726015184c81b9aeb0e7614ee25b723cf5dbb9f792
SHA512: aca59dd211fc400dfce2499791d03a9b7ed05a0c0945416f67f88a3b575d8826a16f0d23346a4cac52f84aff4147e9779c0a95b4db3e7ce0d8763f2c5d569327
SSDEEP: 24576:xUSuMTN4IvbZldjH7kqKT4R+qNTkgoXQu0SbO1hZUiklmZN+BstJV1aod5UTh:KuN4IDtjHAT4vRgXQu0Sq1hNklG0oK

AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.

AgentTesla payload

Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.