General
-
Target
c7dde67fe0cfa8bdb1b24f8636e7d93cb3481d7c35164717209438cf9743e7fb
-
Size
1.2MB
-
Sample
240327-cn7h2sdc6v
-
MD5
2790cd4a816535ef0ca667047394a04f
-
SHA1
9edfc74e4fccd8890009296fede6cdf8821e9fc8
-
SHA256
c7dde67fe0cfa8bdb1b24f8636e7d93cb3481d7c35164717209438cf9743e7fb
-
SHA512
2c7e134ecd131a615f19b4e75fa25ee18fa76bd37b89c6ad64455237ce31ca9fa15ae7ad53342358242052648e9349fc96c98184d6b4a808a736415776f59a07
-
SSDEEP
24576:yqDEvCTbMWu7rQYlBQcBiT6rprG8aE/jBtSTnClgC46rLr4CFL:yTvC/MTQYxsWR7aE94T8N4ip
Static task
static1
Behavioral task
behavioral1
Sample
c7dde67fe0cfa8bdb1b24f8636e7d93cb3481d7c35164717209438cf9743e7fb.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
c7dde67fe0cfa8bdb1b24f8636e7d93cb3481d7c35164717209438cf9743e7fb
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Detect ZGRat V1
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-