General
-
Target
015e45a12c365aa3b9c58cf9b4d829a3_JaffaCakes118
-
Size
475KB
-
Sample
240426-wvk36shc66
-
MD5
015e45a12c365aa3b9c58cf9b4d829a3
-
SHA1
0d1cbecb301f640340675b5b6a8ed4ba5e6f4e91
-
SHA256
f54eae3b3476bffbe622d699e946a3f88cee24a3aacb3101ca17caa3e9fb644a
-
SHA512
f45e82d84a7749a3a45e05786bfc379f50e47c8622eb00b62809ed3063cf372a02b06b7974f09d1ef5abbd962c1a00d1b348732fea0499ee4031b6c3bec02995
-
SSDEEP
12288:n6HmURNwBzheRE/nfYoXJYfPgtpZa/ebW8bxvGFgqhS:n6Gybe4oXJaPgLCWWWgrS
Static task
static1
Behavioral task
behavioral1
Sample
DHL STATEMENT OF ACCOUNT - 1606411788.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
DHL STATEMENT OF ACCOUNT - 1606411788.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
DHL STATEMENT OF ACCOUNT - 1606411788.exe
-
Size
891KB
-
MD5
10696ae808401b2f6c1e179880536fb0
-
SHA1
861e2f50f128a8a4e020ba75dba238065d5cd2e9
-
SHA256
a8a6c630b10f07fff8350fa8590b67ee21f67051e2bc7f8586e5316b1675691d
-
SHA512
68cb744593e07ed05d569926facb9fe266403b53eb8d9351709c0c76c5ba550b9f07327ab625de83544f1ef175816175e8522f0d821af22b3fca084fe6cfb942
-
SSDEEP
24576:h+pbzwIxk4VdoqmTnNDVSo+MGSnjLurdd:opbkGtLKTnN4jSj0
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla payload
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-