General
-
Target
Rendered.exe
-
Size
2.6MB
-
Sample
240518-mfhvtseh24
-
MD5
000d5f8b3e05b0984b67c1294047b850
-
SHA1
70bacc0fa01851d7aba421c0ddb3f8f9289b312f
-
SHA256
3268b2063ddd68961f18c75c62de4aefda40a755edb8c643304069c838d66424
-
SHA512
6d22f14dd59109fef961b45dd09d57fa3c39e1f748a9ef306e0723bd6dfccc42aaf2db20621d6fdfade0d21384ad020434b0b8b9b5640fd4bfeb2f123de0757c
-
SSDEEP
49152:qR4SA7WKhEcTOxLqVED56SuGsh1eh4qqfIZl+HEtDphq3UMVWTD3tq:U4SARGcTOKEDsS92c4YZl+YDp4EMVWTE
Static task
static1
Behavioral task
behavioral1
Sample
Rendered.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
Rendered.exe
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla payload
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-