General
-
Target
4fba160e4c8687f7a5d6f36b67c4f0ae397d8c272fc8a39e5923211f95e84289
-
Size
1.2MB
-
Sample
240329-cas4hafa47
-
MD5
2f48554ea300ea2a9aaf99184e953c71
-
SHA1
df702a3f43c3b65a5cda09fdcb45d9333695760c
-
SHA256
4fba160e4c8687f7a5d6f36b67c4f0ae397d8c272fc8a39e5923211f95e84289
-
SHA512
550aa06ea5fc344488b1f3c1286b88eba9e6cf142205690c5c182e8ddd4c534f16eff8d84507ff5d049fcd133605a2e75bf175c28984b338221d02e92a8bb1da
-
SSDEEP
24576:gqDEvCTbMWu7rQYlBQcBiT6rprG8aoQ/0nEiwLzzQQP:gTvC/MTQYxsWR7aoU0niLzL
Static task
static1
Behavioral task
behavioral1
Sample
4fba160e4c8687f7a5d6f36b67c4f0ae397d8c272fc8a39e5923211f95e84289.exe
Resource
win7-20240221-en
Malware Config
Targets
-
Target
4fba160e4c8687f7a5d6f36b67c4f0ae397d8c272fc8a39e5923211f95e84289
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Detect ZGRat V1
-
Suspicious use of SetThreadContext
-