General
-
Target
30d9436c07bab5fc9b6236526b21a448c7dfd75a08c1a09d8ba9a8753427817c
-
Size
686KB
-
Sample
240514-bvm8baec38
-
MD5
2237c68e4b9576839ecbe1591aa31612
-
SHA1
77e06b3b4bfc72fa26aa433ff34cbdf464fd7e8f
-
SHA256
30d9436c07bab5fc9b6236526b21a448c7dfd75a08c1a09d8ba9a8753427817c
-
SHA512
1ae5a65cc682375ef441e71df64aa1f4d42aeeaf6bc1bada7d4c34af6051cf105b6228e477fa770372f50162e32b5d083eedd50289f1bcc827a69a017c1b50d0
-
SSDEEP
12288:xYV6MorX7qzuC3QHO9FQVHPF51jgc4jY9ssfmFoVynnV2aXGNTiZB1QkM5:GBXu9HGaVH4USsf5QnUaSijDM5
Behavioral task
behavioral1
Sample
30d9436c07bab5fc9b6236526b21a448c7dfd75a08c1a09d8ba9a8753427817c.exe
Resource
win7-20240508-en
Malware Config
Targets
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Detect ZGRat V1
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-