agenttesla | ab532711968daaf5a1c95540ce7c89702ccd00d50c0787605f8298a1c02c0258 | Triage

Sharing

General

Target

sdsd.zip
Size

1.1MB
Sample

231212-akchdschh5
MD5

1ed7ecfa762b6e2172ef0253ab9c0940
SHA1

d02cc04281570020d49c00fc42b02c539a45bcdd
SHA256

ab532711968daaf5a1c95540ce7c89702ccd00d50c0787605f8298a1c02c0258
SHA512

5df3139e8ba92af926c6e2f214dbd65e44f43bffe410b5af26f1a2cbafa0014c655ea3899784aa6672913f0f47d6ba09949f233d4cc1e13e7b4ce178e4be5886
SSDEEP

24576:1ZJJThXSy9OTi76S5lmZugWesm4+ZJGSZNbJ4MWZ9yJY2:diyEfw7D5+zFN14HyF

Score

10^/10

agenttesla

Malware Config

Targets

- Target
  
  Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  278752062981db6fe27ba55f5099b8ae
- SHA1
  
  8446637986cf4a24e9135ee5c54f3170600e1e83
- SHA256
  
  538e6ca6001d609e251f88243409a2cbc9bc0517751843e76485a2c335e7829b
- SHA512
  
  142ff82ca90ca63a6a854e866615d742b585c102e8c4de5c773edeb1ac30c2cc2f6bcb190da394e4aadb4ef9518d194d99904463d6e952170d2924b16fcb00a5
- SSDEEP
  
  49152:PQNztBO2+VN7N3HtnPhx70ZO4+CPXOn5PThDH2TBeHjvjiBckFjvkoEFB:PAhck1
Score

1^/10
behavioral1 behavioral2
- Target
  
  GunaPatcher.exe
- Size
  
  8KB
- MD5
  
  7c8c748cf23a45836a35f4a28bdadcb3
- SHA1
  
  5eb25218086b81026ec38f6d2bdb222f68cc327e
- SHA256
  
  91ba12e96fbef22c551a957970ca2638456d3feae01b7566d473b5ad566e609b
- SHA512
  
  602362de34099fa609ae37ef9dd3c723900b3abd976f2f3bc9cdcdb9ab72931ec6100634283e1abe170c41dcd78c55a1c2f8c72923396219aba801a9ba1c2902
- SSDEEP
  
  96:Z6ttpdOaBqOFaSXdJr2Gl2TyNl8EOQcFV62VyGtqFh5vXXX6gWIfWrb65zNt:ZCcGcSX72/Ayx9oqgWBY
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral3 behavioral4
- Target
  
  dnlib.dll
- Size
  
  1.1MB
- MD5
  
  b85694ae25765805b5e91b028fef9bdd
- SHA1
  
  1bba678d984c83795a2a483eb2fc5b4afb3db79f
- SHA256
  
  e638e008fd50db70cab8d564c5655a1f1148e65297ffe753ef55150caea23381
- SHA512
  
  76f8c6b9bc9ec2fe357bbe18e96aead82359a67577500dd6de839a3df7da405a74bf74c5fe2cdbea6941b44c8b925b038866b5ac3d0c8429f5567f2d16c110d1
- SSDEEP
  
  24576:8gW20arTgWkk7z2B3KqW4g9T8gTDl9Iv7fKNGbh:xC3g9Xb
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6