General
-
Target
3fb4903b9429a85b65f816eb8f90a3ae01eb38eef3ebb5f622587af468173d1a
-
Size
1.2MB
-
Sample
240330-bhsx2adf21
-
MD5
1b453ca9236f5b70f3c7c255eba1c45a
-
SHA1
9e66fb5257155f5b44d8b8f24ab377b0f47aaba8
-
SHA256
3fb4903b9429a85b65f816eb8f90a3ae01eb38eef3ebb5f622587af468173d1a
-
SHA512
eacb7952a901b5fde0f0e6f0ba46b2313d0e13d63fab4fee57115c4c6dd476e7bcbeb0f96f24d2795a4624001c4e562730985dac8d4befc3ed88c997053434d6
-
SSDEEP
24576:oqDEvCTbMWu7rQYlBQcBiT6rprG8a55MZisxzKqoa+:oTvC/MTQYxsWR7a55Cua
Static task
static1
Behavioral task
behavioral1
Sample
3fb4903b9429a85b65f816eb8f90a3ae01eb38eef3ebb5f622587af468173d1a.exe
Resource
win7-20240221-en
Malware Config
Targets
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Detect ZGRat V1
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-