General
Target: 0975f9212fa1ce50fdbeae8dc09da1e6f2a34f59cd0622d539ab7bd2e087a0a8
Size: 1.1MB
Sample: 240503-b6z19aeb49
MD5: 299a495542392647faa4c8959b7d0d30
SHA1: 6640270dca70f6af48e73a38b6df004d89e1d8a0
SHA256: 0975f9212fa1ce50fdbeae8dc09da1e6f2a34f59cd0622d539ab7bd2e087a0a8
SHA512: a0afc12bdad8f56b281a3236983d9f968a547c673742cf2d557e1232af22c9df6ec64b597d1a6bb239c40eb9b64934987ac67ee26cf94326fbbee2ffcea96772
SSDEEP: 24576:sqDEvCTbMWu7rQYlBQcBiT6rprG8agSHVKM6mGRi+Nhtc:sTvC/MTQYxsWR7agQrgZ
Static task: static1
Behavioral task: behavioral1
Sample: 0975f9212fa1ce50fdbeae8dc09da1e6f2a34f59cd0622d539ab7bd2e087a0a8.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 0975f9212fa1ce50fdbeae8dc09da1e6f2a34f59cd0622d539ab7bd2e087a0a8.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 0975f9212fa1ce50fdbeae8dc09da1e6f2a34f59cd0622d539ab7bd2e087a0a8
AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Detect ZGRat V1
Adds Run key to start application
Suspicious use of SetThreadContext