General
Target: 747e2616e2c37f160fdfaa6df7b18e65c206788ad14b6002fadc72fe9863887d
Size: 1.2MB
Sample: 240522-ct3r2shc72
MD5: 45a16a0b082e9b7a39c3c9e89a7f50b4
SHA1: 04c468ecc20e99e63b8defff04a953e640570ba4
SHA256: 747e2616e2c37f160fdfaa6df7b18e65c206788ad14b6002fadc72fe9863887d
SHA512: 4204ae993ed74034bc999e4049880e492d463bfc0c915d0bee6fa550fe3d354e27bf5a59411ccdb99d21f36edfee232e7d4138bd0229fa37edeba70619628240
SSDEEP: 24576:BAHnh+eWsN3skA4RV1Hom2KXMmHa+gMrWENROPBc5:Yh+ZkldoPK8Yax0tMPA
Static task: static1
Behavioral task: behavioral1
  Sample: 747e2616e2c37f160fdfaa6df7b18e65c206788ad14b6002fadc72fe9863887d.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 747e2616e2c37f160fdfaa6df7b18e65c206788ad14b6002fadc72fe9863887d.exe
  Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 747e2616e2c37f160fdfaa6df7b18e65c206788ad14b6002fadc72fe9863887d
Score: 10/10

AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext