General
-
Target
40f217fa3f84e58e8ddb7f29a6c1ca87da3ebf0c1cbf1db875befb6e639f1ed4
-
Size
1.1MB
-
Sample
240424-b6klkadh5v
-
MD5
ddc7674fce48177e9f6368a9587fdedb
-
SHA1
d48fb859350da04e24e306c809071b4e8c4d5c0c
-
SHA256
40f217fa3f84e58e8ddb7f29a6c1ca87da3ebf0c1cbf1db875befb6e639f1ed4
-
SHA512
3ef57451003b40e0666b8c7d629bfa4e7a871e2695c0a7644b22e84a0ee271479182629d54f78fa762221b4f9884d5143cbdae06453b8a74b200d6c948096273
-
SSDEEP
24576:vAHnh+eWsN3skA4RV1Hom2KXMmHat1YKQULjNMFpgAbConoP5:Sh+ZkldoPK8Yat1YKvXNMFG4Con8
Static task
static1
Behavioral task
behavioral1
Sample
40f217fa3f84e58e8ddb7f29a6c1ca87da3ebf0c1cbf1db875befb6e639f1ed4.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Detect ZGRat V1
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-