General
Target: aba1d2b9affe1a3724cea3a4aab81c04bbb004e1be5e11a9918a0b139fcb7fca
Size: 795KB
Sample: 240330-bthansdh9z
MD5: 386d259e67808056e47cbaf9728c710e
SHA1: 5448ee33fbf22c897b7c8b45314e2ddf21a8c6cf
SHA256: aba1d2b9affe1a3724cea3a4aab81c04bbb004e1be5e11a9918a0b139fcb7fca
SHA512: 9ddb7f36f654a37b3573f2eeefab67e77dc3b7cb4c04fa6f1e41bd19b8ffcf81ef3335a6442bdaf2c6f2667b25d41ff96596edec4794a1f29913b6c1f985adc0
SSDEEP: 24576:LVrAo1XVI/JnYSvqY1wVYSdeoRhKESa78K:LVrlIx/Juu6Qa78K
Static task: static1
Behavioral task: behavioral1
Sample: MK_Order_30387_pdf.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: MK_Order_30387_pdf.exe
Size: 1.2MB
MD5: 1b453ca9236f5b70f3c7c255eba1c45a
SHA1: 9e66fb5257155f5b44d8b8f24ab377b0f47aaba8
SHA256: 3fb4903b9429a85b65f816eb8f90a3ae01eb38eef3ebb5f622587af468173d1a
SHA512: eacb7952a901b5fde0f0e6f0ba46b2313d0e13d63fab4fee57115c4c6dd476e7bcbeb0f96f24d2795a4624001c4e562730985dac8d4befc3ed88c997053434d6
SSDEEP: 24576:oqDEvCTbMWu7rQYlBQcBiT6rprG8a55MZisxzKqoa+:oTvC/MTQYxsWR7a55Cua
Signatures
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in Visual Basic.
- Detect ZGRat V1
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext