General
Target: b8c49ec19f52572234a367f390de4ca8a5dc406c7cc9f0d0d6f03132ee5261ad
Size: 237KB
Sample: 231207-c6dnpaaea9
MD5: b0faf04e71ac66d96aeefe539ae48e55
SHA1: 8cb7f9267524e3cf021b7145b7f1cb07c60b4ff4
SHA256: b8c49ec19f52572234a367f390de4ca8a5dc406c7cc9f0d0d6f03132ee5261ad
SHA512: c0fa14723d5f70f2dd0921bc3eb6965d6bf87e1203eab2498045fc36fd9ee9a4fc015f3b5c83ab5576d4539089f6cd1bbf615ed3cb5106725c236877ef0c7102
SSDEEP: 3072:XJpZhKeueuuQBmIRpdnOqpRpsYFIm36eKeq5nahTRrqlDC:XhhKeueuuQBmepdnOeNCZeFhTN
Behavioral task: behavioral1
Sample: b8c49ec19f52572234a367f390de4ca8a5dc406c7cc9f0d0d6f03132ee5261ad.exe
Resource: win7-20231201-en
Behavioral task: behavioral2
Sample: b8c49ec19f52572234a367f390de4ca8a5dc406c7cc9f0d0d6f03132ee5261ad.exe
Resource: win10v2004-20231130-en
Malware Config
Extracted
agenttesla
https://discord.com/api/webhooks/1177127012318593147/XKAxuyU9TUlPe_Y2dEKW3B_Fk3rMrYFf5oi7GsS0Ht_fq1xWwUm8t-XC7jOHzWTWvYqZ
Targets
Target: b8c49ec19f52572234a367f390de4ca8a5dc406c7cc9f0d0d6f03132ee5261ad
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Legitimate hosting services abused for malware hosting/C2