General
-
Target
07d837ca182080435013ec54fd8be82904502e62363c84de204f5ff991a191e8exe.exe
-
Size
864KB
-
Sample
231205-wpxvsadf4y
-
MD5
9f2a5bfdc96beaf41c4c0a77c9cc1eb4
-
SHA1
79a8b33d5d43cfdd47ec0a30d6c6babe6e7936a1
-
SHA256
07d837ca182080435013ec54fd8be82904502e62363c84de204f5ff991a191e8
-
SHA512
5df43a471f05aa690a6d4669fb1e89e8e85ff5a75c32e1de35c6276c019946c93227ba1bb47902d72e719b2066ea9e79d7a3fbc4b6c77edc1259cfb7752cb12c
-
SSDEEP
12288:EvCe+rYESCVPjkguQUQqzjFNxnFyZakskuD3jYRvGhzQEeknDqz:Eqe+ACVPpuQ4z5NxFu7uDTYRvG2UDq
Static task
static1
Behavioral task
behavioral1
Sample
07d837ca182080435013ec54fd8be82904502e62363c84de204f5ff991a191e8exe.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
07d837ca182080435013ec54fd8be82904502e62363c84de204f5ff991a191e8exe.exe
Resource
win10v2004-20231130-en
Malware Config
Extracted
agenttesla
https://discord.com/api/webhooks/1164840075939553292/a6ORRTbbQCKRdRMc50aYeezX1vDpPNIsZwcguLCLlW6SUDU4xA5QvbvHI2v521gjg-25
Targets
-
-
Target
07d837ca182080435013ec54fd8be82904502e62363c84de204f5ff991a191e8exe.exe
-
Size
864KB
-
MD5
9f2a5bfdc96beaf41c4c0a77c9cc1eb4
-
SHA1
79a8b33d5d43cfdd47ec0a30d6c6babe6e7936a1
-
SHA256
07d837ca182080435013ec54fd8be82904502e62363c84de204f5ff991a191e8
-
SHA512
5df43a471f05aa690a6d4669fb1e89e8e85ff5a75c32e1de35c6276c019946c93227ba1bb47902d72e719b2066ea9e79d7a3fbc4b6c77edc1259cfb7752cb12c
-
SSDEEP
12288:EvCe+rYESCVPjkguQUQqzjFNxnFyZakskuD3jYRvGhzQEeknDqz:Eqe+ACVPpuQ4z5NxFu7uDTYRvG2UDq
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-