General
Target: 0523f7cfc131c52445b00d8c354b91658bc0b5f970d5c5ffc01b8480a84b9364
Size: 330KB
Sample: 231202-bpnxnahb9s
MD5: 9defa32ab3c74af8e29aea03a454934e
SHA1: 04dac45bb456d502638ac199f8a4bb9285167658
SHA256: 0523f7cfc131c52445b00d8c354b91658bc0b5f970d5c5ffc01b8480a84b9364
SHA512: b43c24dcf817b310c94743efd49e803d3c48a24192bed6ab99cfa813af5df20e69ac67f052ba613a185519ef5f0b1e9aaeacf7d77a40d0a32e4aa03747ca282f
SSDEEP: 6144:wBlL/Di/CcLN+BiYHbAabwWZKhl/fnT6vWKupX4ZWK2j1Mu9nBE:CZiFN4rbRbtYZnTsW7U22mE
Static task: static1
Behavioral task: behavioral1
Sample: 0523f7cfc131c52445b00d8c354b91658bc0b5f970d5c5ffc01b8480a84b9364.exe
Resource: win7-20231201-en
Behavioral task: behavioral2
Sample: 0523f7cfc131c52445b00d8c354b91658bc0b5f970d5c5ffc01b8480a84b9364.exe
Resource: win10v2004-20231130-en
Malware Config
Targets
Target: 0523f7cfc131c52445b00d8c354b91658bc0b5f970d5c5ffc01b8480a84b9364
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Executes dropped EXE
Loads dropped DLL
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext