General
Target: ecb481c8a4b459b75e7678555f28e7cd693d8d7a5798516d5c2f7c3c2f93cfb6.exe
Size: 1.1MB
Sample: 240609-l6nnbshh48
MD5: ec3c46f793725d1ea03f9deb51455826
SHA1: 66579dc2c1dce7b893124701df33079518af4d4c
SHA256: ecb481c8a4b459b75e7678555f28e7cd693d8d7a5798516d5c2f7c3c2f93cfb6
SHA512: 2dd8cd8a7135e1175b527346ffe0139b4698d28885fc6e004c8b6732d8090c1d080489aaf6896930728f43af256409d2031ff2f488cbd83cac9b1b934aaa6bc8
SSDEEP: 24576:1AHnh+eWsN3skA4RV1Hom2KXMmHaZembDaKjEhhTQ5XVkr5:kh+ZkldoPK8YaZembeKjEhFQJVM
Static task: static1
Behavioral task: behavioral1
Sample: ecb481c8a4b459b75e7678555f28e7cd693d8d7a5798516d5c2f7c3c2f93cfb6.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: ecb481c8a4b459b75e7678555f28e7cd693d8d7a5798516d5c2f7c3c2f93cfb6.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target
ecb481c8a4b459b75e7678555f28e7cd693d8d7a5798516d5c2f7c3c2f93cfb6.exe
Score: 10/10

AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext