General
-
Target
275f57307104db79ff472c9d7dcd5a8dbf31e7f1d09518b7b3979419eef8a7c1
-
Size
987KB
-
Sample
240427-bvyn2sha8x
-
MD5
5f3daa285dab78f85bdfcb339532ae54
-
SHA1
c793ebc29ca628d6159f53346615c6b3630f25b6
-
SHA256
275f57307104db79ff472c9d7dcd5a8dbf31e7f1d09518b7b3979419eef8a7c1
-
SHA512
6ab3ac086fdc4511074486067c0ff83ed8da974eeac65bf50f15e17d2d79a2d207ca492d6928df0bbc9741979424202030d37cb1e31f151693f53d0c281f97e7
-
SSDEEP
24576:/0suND4kgKBoCLtIkSuZFjIzKBzO2Omj2xIY/C2kFL:nFKBoCBHSkjsUOmj2aOC2e
Static task
static1
Behavioral task
behavioral1
Sample
275f57307104db79ff472c9d7dcd5a8dbf31e7f1d09518b7b3979419eef8a7c1.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
275f57307104db79ff472c9d7dcd5a8dbf31e7f1d09518b7b3979419eef8a7c1.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot6678522004:AAFCzMcx9PFLt4zQrKaDiOluS83dl0_buKM/
Targets
-
-
Target
275f57307104db79ff472c9d7dcd5a8dbf31e7f1d09518b7b3979419eef8a7c1
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Suspicious use of SetThreadContext
-