General
-
Target
9b33f5fcb98474727512a218d6ebe3d0fa1dd9254ff85410059c4ddcc4fe53ed
-
Size
1.2MB
-
Sample
240503-bzag1sdh42
-
MD5
42610f930f7905375aea64943d79f87d
-
SHA1
8a1247d7e390f015db9d5aa7d6f9df2252fdc944
-
SHA256
9b33f5fcb98474727512a218d6ebe3d0fa1dd9254ff85410059c4ddcc4fe53ed
-
SHA512
45e85367e43e6635d5a59d50673ca426878bd17ccd5ae9de791c407ffbd4ab5c7ecf2092fbe5ee0ad31e6adae9bfbd1037c332c6dd7a1c8802047c715755f6c5
-
SSDEEP
24576:DqDEvCTbMWu7rQYlBQcBiT6rprG8aTqChh8niG79Q:DTvC/MTQYxsWR7aTLSiA9
Static task
static1
Behavioral task
behavioral1
Sample
9b33f5fcb98474727512a218d6ebe3d0fa1dd9254ff85410059c4ddcc4fe53ed.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
9b33f5fcb98474727512a218d6ebe3d0fa1dd9254ff85410059c4ddcc4fe53ed
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Detect ZGRat V1
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-