General
-
Target
c6bf9dc346a99f9371bd37cde86066a38cb289ad718422fcd3df3d8ed1e951f1
-
Size
1.4MB
-
Sample
240427-bv146sgb57
-
MD5
124b5b6b6dac7b2cb30426a1d63fd48a
-
SHA1
828fb570d6b7284bf27e7ddd64c0c8b100a66501
-
SHA256
c6bf9dc346a99f9371bd37cde86066a38cb289ad718422fcd3df3d8ed1e951f1
-
SHA512
4ed9c30abcfc39970ab62c7e6b3ade04d0ffd14db6283ab4a75e1d6c2ab5979ba716b661df965fc3af6033b56e48756c5bdb726c40d97bb5da69cd077bf0af4b
-
SSDEEP
24576:/qDEvCTbMWu7rQYlBQcBiT6rpFd+zA8fM9VzqPXgtIB:/TvC/MTQYxsWPkzAWM9Vz1
Static task
static1
Behavioral task
behavioral1
Sample
c6bf9dc346a99f9371bd37cde86066a38cb289ad718422fcd3df3d8ed1e951f1.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
c6bf9dc346a99f9371bd37cde86066a38cb289ad718422fcd3df3d8ed1e951f1
-
Size
1.4MB
-
MD5
124b5b6b6dac7b2cb30426a1d63fd48a
-
SHA1
828fb570d6b7284bf27e7ddd64c0c8b100a66501
-
SHA256
c6bf9dc346a99f9371bd37cde86066a38cb289ad718422fcd3df3d8ed1e951f1
-
SHA512
4ed9c30abcfc39970ab62c7e6b3ade04d0ffd14db6283ab4a75e1d6c2ab5979ba716b661df965fc3af6033b56e48756c5bdb726c40d97bb5da69cd077bf0af4b
-
SSDEEP
24576:/qDEvCTbMWu7rQYlBQcBiT6rpFd+zA8fM9VzqPXgtIB:/TvC/MTQYxsWPkzAWM9Vz1
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Detect ZGRat V1
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-