General
Target: 431cd7140083d0b76aad4629fc4565215974e3aa2010a61b6e2e3c96c335dc42
Size: 774KB
Sample: 240503-bthlfadf92
MD5: dfb5e4129d8c2926f57f613bd0c8681f
SHA1: f28a2fdb5d250f1cfcb573357e6d158f8c92bb43
SHA256: 431cd7140083d0b76aad4629fc4565215974e3aa2010a61b6e2e3c96c335dc42
SHA512: cf02c22c72e1914d80679f024631c869588b66069d70ed778202a47eda542422a4ddb39076cf4d2b9f04462e1df6c914bee6089ae4303fedc11f882fbd98f1ab
SSDEEP: 24576:8RgNd4jgnfegLO3aUqMh8MWM8WCf09Bny:Ld4jMfegq3/qMhzW9Z
Static task: static1
Behavioral task: behavioral1
Sample: PI54938022.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: PI54938022.exe
Size: 1.3MB
MD5: 21a8674799f427274e1329d5d7895421
SHA1: 85fe0af067bb1336dbec9b745eb2f221e6f2fef2
SHA256: ee40c299b2c58c65f64f771af991b3f852b72391157a336189df582cdcc1c94a
SHA512: 9f08f19ef5d8989224f24750599c13ba8e41eb3cb7baaa4d8e0fe842658453a66c040d824b9ad72646ce7d04df54ddb1be244419d9d33fcb7b088f9b66974331
SSDEEP: 24576:0qDEvCTbMWu7rQYlBQcBiT6rprG8a87SeCzQ9dHmq:0TvC/MTQYxsWR7a8cN
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Detect ZGRat V1
Suspicious use of SetThreadContext