General
Target: 38246b2b255844084376bf8b7970aa42fc1f5593ea38a32dfc165860737a5dcf
Size: 1.1MB
Sample: 240505-bmvbnadb73
MD5: 92fb8c25fa1fc47ed87f234ea2e280a8
SHA1: 754ce462e7f0c039dfa45b41d837e313795790a6
SHA256: 38246b2b255844084376bf8b7970aa42fc1f5593ea38a32dfc165860737a5dcf
SHA512: 2477f972070d645c2f50dcc256893d759398b2dc09b9433e9e365c25b4d0e437a623a5206752ddc49197062c5e1824788feb5a228e4e2b198b6968d13005a8c5
SSDEEP: 24576:KqDEvCTbMWu7rQYlBQcBiT6rprG8aZU3oZONTQNhbs:KTvC/MTQYxsWR7aZ1qQ
Static task: static1
Behavioral task: behavioral1
Sample: 38246b2b255844084376bf8b7970aa42fc1f5593ea38a32dfc165860737a5dcf.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 38246b2b255844084376bf8b7970aa42fc1f5593ea38a32dfc165860737a5dcf.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Detect ZGRat V1
Adds Run key to start application
Suspicious use of SetThreadContext