General

  • Target

    FİYAT TEKLİF İSTEĞİ.exe

  • Size

    1.2MB

  • Sample

    240510-kesmjach4x

  • MD5

    d123259f0d919be4c30c511debd1ea8d

  • SHA1

    2fb20310b104f57e4810d512f138a47e2fb1f8b2

  • SHA256

    92a314bf9cd8a43b29277834d900c82f7a2e978dcc19ba1dcad373d56217a623

  • SHA512

    3c5de0afce6edb67c5fca44d5af3ca16076be6d993013acb709a4bd7bf30540ef55b9919a0879924f150adf97ec537b5fdc7e4ad83323350583439869289c062

  • SSDEEP

    24576:xqDEvCTbMWu7rQYlBQcBiT6rprG8apoVBYCk70ww7TNF:xTvC/MTQYxsWR7apo8O

Targets

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in Visual Basic.

    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
