General
-
Target
25392a4dbe03b073aa4e98bd2ab337bdfdcf23776e9c1ac9b98b8b1a15c9be07
-
Size
1.1MB
-
Sample
240426-cj4xcshc25
-
MD5
5ff431118441a8babe3484dff40f686e
-
SHA1
9880f7b25af52593c7bf6ae324586ddc616c8f78
-
SHA256
25392a4dbe03b073aa4e98bd2ab337bdfdcf23776e9c1ac9b98b8b1a15c9be07
-
SHA512
974f9b367f24986af0e3d280f27d98e5dd6a30245e4d491a9baf07a4c8a92900812dd93100d20e17d3b73277b210074027ece921f16a8d618bafdec7bc39a4a6
-
SSDEEP
24576:2qDEvCTbMWu7rQYlBQcBiT6rprG8aYTVDkOM20Nh/:2TvC/MTQYxsWR7aYTSh20
Static task
static1
Behavioral task
behavioral1
Sample
25392a4dbe03b073aa4e98bd2ab337bdfdcf23776e9c1ac9b98b8b1a15c9be07.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
25392a4dbe03b073aa4e98bd2ab337bdfdcf23776e9c1ac9b98b8b1a15c9be07.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Detect ZGRat V1
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-