General
-
Target
03fa70c2a8d4b80b524aed2ada1cb5c2861eda0a4b8a10a54aa7f192a95e7ac6
-
Size
1.2MB
-
Sample
240508-cvfznsgc53
-
MD5
601ef7e4bea3e5760f307f5b1265a1d5
-
SHA1
a8edfb91ce9fe6ae21a8fde268454fb7a2f23d83
-
SHA256
03fa70c2a8d4b80b524aed2ada1cb5c2861eda0a4b8a10a54aa7f192a95e7ac6
-
SHA512
38fb16b7b4a48e5245151ff6d1d26dfcc70eb1d63028bf03cbe7f77f6fc226c81cee4ff1c268959d3a528589c4ecf13b50c3295fba97a29bda7cb22321f7acda
-
SSDEEP
24576:6qDEvCTbMWu7rQYlBQcBiT6rprG8aTsGjS3yZro7v:6TvC/MTQYxsWR7aTJjiyZro
Static task
static1
Behavioral task
behavioral1
Sample
03fa70c2a8d4b80b524aed2ada1cb5c2861eda0a4b8a10a54aa7f192a95e7ac6.exe
Resource
win7-20240220-en
Malware Config
Targets
-
-
Target
03fa70c2a8d4b80b524aed2ada1cb5c2861eda0a4b8a10a54aa7f192a95e7ac6
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Detect ZGRat V1
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-