General
-
Target
e9499146a540aa410852d3ae7bb61d747e449f36c4209f3c9afe35ea1c7195c7
-
Size
835KB
-
Sample
231205-t8qjpscd7y
-
MD5
5d8ed426d33dc630cc84f05c08339936
-
SHA1
b182fbadeb48530ded88de2ce8c9662f82674ff0
-
SHA256
e9499146a540aa410852d3ae7bb61d747e449f36c4209f3c9afe35ea1c7195c7
-
SHA512
b458b73daf4d6a7d857e262ba9ae3cf81e8fb3808d56a0d2bfc5cacf4f462cdf3ae905865dc9d89477a02b2c951d92f86cfec78975104cd805d598a578686c9f
-
SSDEEP
24576:hvKpO+XEEXgolwKqf0rT6CE0DD/gkaIFUpkM2N7CvmbiK6z7/:hkEKPwKK0fsuD/GIFGkb0t7
Static task
static1
Behavioral task
behavioral1
Sample
LAM CHUAN Q710901.pdf.exe
Resource
win7-20231201-en
Behavioral task
behavioral2
Sample
LAM CHUAN Q710901.pdf.exe
Resource
win10v2004-20231127-en
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot6439280362:AAFxJ6Gm_hfG3MYnjXvw0e4QQEIFTsOjkuk/
Targets
-
Target
LAM CHUAN Q710901.pdf.exe
-
Size
1024KB
-
MD5
8412a2cceb09519e18c3419df99efbad
-
SHA1
33fdcdd1ea11818c2928d80c52e786b0cca9e522
-
SHA256
7318815c5eed7085d6d336406e6c3255a23e255f5caa954b6b1b4549b7519701
-
SHA512
b81f90357485356ec5b678e19d41359db65e5b9f328a9d94d4d76fbecee5286cffbce4ce95c9dd7109044fe95b37abcfee6bae443930f22e5cc218808b849d8d
-
SSDEEP
24576:RBm634/up+pJtwFbGyArZTDOYDD/ckaCFUBkMIHpDqDDBi:RX38PJtw5Ag6D/6CFMkzpDH
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-