agenttesla | 3c5a1cabe5af02c496c2ca81a873276b7b08013c2612b9823d0556c0845c7737 | Triage

Sharing

General

Target

3c5a1cabe5af02c496c2ca81a873276b7b08013c2612b9823d0556c0845c7737
Size

135.5MB
Sample

231211-cdfmksbce8
MD5

a29499e8be6b7dea813f205e32eb50fb
SHA1

399f0825c64f8b952028bbf9d979d72201d8558b
SHA256

3c5a1cabe5af02c496c2ca81a873276b7b08013c2612b9823d0556c0845c7737
SHA512

37ba7e993b84a0f599b53736f30e82b0c715d6785c68b5f6afd9a1de86f67e0ff9d169646614ad0b1cd2c6605abc9f307d1bdeabeb3f6b5d4998b1e55ceb7ad2
SSDEEP

1572864:VmS69jSgB4/OS0ezBbURMPzOebc8vVIMm8V3K8rD0:wS69jSgBWzOeRz0

Score

10^/10

agenttesla

Malware Config

Targets

- Target
  
  3c5a1cabe5af02c496c2ca81a873276b7b08013c2612b9823d0556c0845c7737
- Size
  
  135.5MB
- MD5
  
  a29499e8be6b7dea813f205e32eb50fb
- SHA1
  
  399f0825c64f8b952028bbf9d979d72201d8558b
- SHA256
  
  3c5a1cabe5af02c496c2ca81a873276b7b08013c2612b9823d0556c0845c7737
- SHA512
  
  37ba7e993b84a0f599b53736f30e82b0c715d6785c68b5f6afd9a1de86f67e0ff9d169646614ad0b1cd2c6605abc9f307d1bdeabeb3f6b5d4998b1e55ceb7ad2
- SSDEEP
  
  1572864:VmS69jSgB4/OS0ezBbURMPzOebc8vVIMm8V3K8rD0:wS69jSgBWzOeRz0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2