General
Target: b3ee243fec9de264cfd5f0743552ffc89b1379236153d36b48d9d520620228ed
Size: 1.1MB
Sample: 240425-d3v91aeg4s
MD5: 623ee380ebde7c5c8f12d9847de16305
SHA1: caea83bfa0f2c44a5f4645dc1fb1642e57dca3f4
SHA256: b3ee243fec9de264cfd5f0743552ffc89b1379236153d36b48d9d520620228ed
SHA512: 74ab2ce17e0536a21281647228d7cb5b79f67dbac56bb76652a3954b9dd291c9f6953b80d625acec21c5c1427255ab6046eae88ce5ac80cba64b6fe3768905ea
SSDEEP: 24576:pAHnh+eWsN3skA4RV1Hom2KXMmHaOrw/kS0dI8+cLUkf5:wh+ZkldoPK8YaOukOcLr
Static task: static1
Behavioral task: behavioral1
Sample: b3ee243fec9de264cfd5f0743552ffc89b1379236153d36b48d9d520620228ed.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: b3ee243fec9de264cfd5f0743552ffc89b1379236153d36b48d9d520620228ed
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.

Detect ZGRat V1

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext