General
-
Target
d76978969d8c970991d4f66880cea80e4526ac2fe0c48465ce44cf538a53114c
-
Size
1.4MB
-
Sample
240511-bgcjnacd2v
-
MD5
6f0deb72a61f1164c43fb47efa5f517f
-
SHA1
21834f6fab971b06b6d4ed1b007b697f27d8c1ff
-
SHA256
d76978969d8c970991d4f66880cea80e4526ac2fe0c48465ce44cf538a53114c
-
SHA512
fd8c3a675ca71703a0a6c49f5c14fcaa38184af8358cef2e77e08472dd4617e60caad29f5c8202f2f9af71b42439df526c3be33a20b06706118d0394fa7513a3
-
SSDEEP
24576:yAHnh+eWsN3skA4RV1Hom2KXMmHaA2mcJbVXA21tyeeMixvg/625:1h+ZkldoPK8YaA7cNVl+pMiE
Static task
static1
Behavioral task
behavioral1
Sample
d76978969d8c970991d4f66880cea80e4526ac2fe0c48465ce44cf538a53114c.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d76978969d8c970991d4f66880cea80e4526ac2fe0c48465ce44cf538a53114c.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
d76978969d8c970991d4f66880cea80e4526ac2fe0c48465ce44cf538a53114c
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla payload
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-