General
Target: a0f510b447b547e4126951199c2367dc238a8a53e276040b1bc6b09a035ccca8
Size: 1.1MB
Sample: 240503-b2ff2sbh2s
MD5: 8e8ed6c63b4cfe43cd2323cfa9527f4b
SHA1: 8cd4e2b867f7ff923da8305332d9ec40e0d95165
SHA256: a0f510b447b547e4126951199c2367dc238a8a53e276040b1bc6b09a035ccca8
SHA512: bb517904825a8db2800a509f1d7d002dee15003877f7e822e35040e2faee2732f636ce26f1b919ba9a6319b7327c5363f4f06ee239a8249305d439f2623ed101
SSDEEP: 24576:YqDEvCTbMWu7rQYlBQcBiT6rprG8ai+qJvQ8smuNhr:YTvC/MTQYxsWR7ai+qZXbu
Static task: static1
Behavioral task: behavioral1
Sample: a0f510b447b547e4126951199c2367dc238a8a53e276040b1bc6b09a035ccca8.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: a0f510b447b547e4126951199c2367dc238a8a53e276040b1bc6b09a035ccca8.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: a0f510b447b547e4126951199c2367dc238a8a53e276040b1bc6b09a035ccca8
AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Detect ZGRat V1
Adds Run key to start application
Suspicious use of SetThreadContext