General
Target: dbfe0055d945690a7a6477714e435670433cf68e946319887dc4e1e64db75e8b.exe
Size: 1.3MB
Sample: 240403-p2b1hsdc6w
MD5: d1b500e77ba18b987ea8bceaec7327ad
SHA1: 48318c6c413b13d419bb2f64deb0b2e485c5d555
SHA256: dbfe0055d945690a7a6477714e435670433cf68e946319887dc4e1e64db75e8b
SHA512: 8a480f21341c62cfc260f3a5894c2a1503c1107ec4785a1eb28b7e5014de34c29ded08c40f2b3e8b656c8bd0428bfb098949a3b9cdc7640e46fbd5636e2c184b
SSDEEP: 24576:SAHnh+eWsN3skA4RV1Hom2KXMmHa4UYliFC1mH8vyqt5:Vh+ZkldoPK8Ya4U7FC13vyk
Static task: static1
Behavioral task: behavioral1
Sample: dbfe0055d945690a7a6477714e435670433cf68e946319887dc4e1e64db75e8b.exe
Resource: win7-20240220-en
Malware Config
Targets
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Detect ZGRat V1
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-