General
-
Target
149fee78d8d12af76af26eddc5aafa42b8f2a028f27f55676241110cb8a65ace
-
Size
154.0MB
-
Sample
231204-bwjlhsgd54
-
MD5
0e3961b63c79cfd5450af6a072df2cf4
-
SHA1
e5aa08783dce22db20ea2791c8bd9e555dbe91a1
-
SHA256
149fee78d8d12af76af26eddc5aafa42b8f2a028f27f55676241110cb8a65ace
-
SHA512
360e9c51f5825a973a1ceb6b9c0dcdd580715e72dbef6bd3f409d73cf88b776b316ec08023c90470f7e7de5dfa81a3c4bdcddf4b7a221fa722e8ba68828cc0e9
-
SSDEEP
1572864:UafzGToO0fw1GZrhqWKnUlqdoT43pv8Mx58REy0DZlecF:HfzdhbIoTY5zZAY
Behavioral task
behavioral1
Sample
149fee78d8d12af76af26eddc5aafa42b8f2a028f27f55676241110cb8a65ace.exe
Resource
win7-20231130-en
Behavioral task
behavioral2
Sample
149fee78d8d12af76af26eddc5aafa42b8f2a028f27f55676241110cb8a65ace.exe
Resource
win10v2004-20231127-en
Malware Config
Targets
-
-
Target
149fee78d8d12af76af26eddc5aafa42b8f2a028f27f55676241110cb8a65ace
-
Size
154.0MB
-
MD5
0e3961b63c79cfd5450af6a072df2cf4
-
SHA1
e5aa08783dce22db20ea2791c8bd9e555dbe91a1
-
SHA256
149fee78d8d12af76af26eddc5aafa42b8f2a028f27f55676241110cb8a65ace
-
SHA512
360e9c51f5825a973a1ceb6b9c0dcdd580715e72dbef6bd3f409d73cf88b776b316ec08023c90470f7e7de5dfa81a3c4bdcddf4b7a221fa722e8ba68828cc0e9
-
SSDEEP
1572864:UafzGToO0fw1GZrhqWKnUlqdoT43pv8Mx58REy0DZlecF:HfzdhbIoTY5zZAY
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
AgentTesla payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-