General
-
Target
174d337dc96f1d28833631db40dfb53ed28878b50ade6698a423b222b3ff78e8.exe
-
Size
1.2MB
-
Sample
240609-l4hdjahb3z
-
MD5
bf62b57ee6b1e88d479e982fcc5bcf68
-
SHA1
35956b67857e333893689bf293b053653180bc87
-
SHA256
174d337dc96f1d28833631db40dfb53ed28878b50ade6698a423b222b3ff78e8
-
SHA512
ce25b0d13a2af6df4a89a7376684535b78b2cf4fff76121344ab700a70852f0a23f70eddbe8884f70584c4a12afbc20149a4e6253a23de5294672d0998713553
-
SSDEEP
24576:PAHnh+eWsN3skA4RV1Hom2KXMmHa0cBsAbHXBRSPO2fC5:yh+ZkldoPK8Ya0ahdRFP
Static task
static1
Behavioral task
behavioral1
Sample
174d337dc96f1d28833631db40dfb53ed28878b50ade6698a423b222b3ff78e8.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
174d337dc96f1d28833631db40dfb53ed28878b50ade6698a423b222b3ff78e8.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-