Resubmissions
Date              Sample             Score
05-12-2023 11:48  231205-nyerkabb78  1
05-12-2023 11:37  231205-nrgmksbb52  1
05-12-2023 11:30  231205-nmktfaag4t  1
01-12-2023 08:49  231201-kreansgc79  10
01-12-2023 07:29  231201-ja8brafh46  10
01-12-2023 07:25  231201-h9ggmsfh38  7
30-11-2023 13:08  231130-qc7xbscd2x  7
30-11-2023 08:58  231130-kw7g1saa3s  1
27-11-2023 07:20  231127-h6jslafb53  10
General
-
Target
https://www.mediafire.com/file/t9usn5skz63s9p9/Sipari%C5%9F+%C3%96zellikleri+pdf.tgz/file
-
Sample
231127-h6jslafb53
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://www.mediafire.com/file/t9usn5skz63s9p9/Sipari%C5%9F+%C3%96zellikleri+pdf.tgz/file
Resource
win10v2004-20231020-en
windows10-2004-x64
16 signatures
1800 seconds
Malware Config
Extracted
Family
agenttesla
C2
https://api.telegram.org/bot6914781013:AAFw5Lm73ahTisnJp0Jdlgo14kV_jOgJDAE/
Targets
-
-
Target
https://www.mediafire.com/file/t9usn5skz63s9p9/Sipari%C5%9F+%C3%96zellikleri+pdf.tgz/file
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-