General
-
Target
438b2c2e85994da2f10505a9ad2632a4c5d4fb031b0672a81ad7f5649bab12f9
-
Size
244KB
-
Sample
240524-bgbblafg76
-
MD5
d7ad70e1bd41f1d30cb83ec83771306e
-
SHA1
3d2d814c8804417ea151f5a79ebe18bc3fbdae88
-
SHA256
438b2c2e85994da2f10505a9ad2632a4c5d4fb031b0672a81ad7f5649bab12f9
-
SHA512
a39fb8bf28954a59b7b7d4f973b656ac039636f5c138640e0235f4cde0d232512edcba344088cb8e2b353b52c620c6d6e77ba5481165fffb1dea65b5b9c0771c
-
SSDEEP
6144:YDthOzj8izK5CRaLK9GBI3GNMGLUvYzCzdMS:YJknlRtGBI3GNTLUYO5MS
Behavioral task
behavioral1
Sample
438b2c2e85994da2f10505a9ad2632a4c5d4fb031b0672a81ad7f5649bab12f9.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
438b2c2e85994da2f10505a9ad2632a4c5d4fb031b0672a81ad7f5649bab12f9.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
agenttesla
https://discordapp.com/api/webhooks/1109048382372200528/V3xz9tyZZFNeRC2vvLAQWtG3K8MzCZJRiPEyYd_4WnUYo8YuI7IjVRmEopETtCFgfCXh
Targets
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Accesses Microsoft Outlook profiles
-