General

  • Target

    a59a4f8e7ffe8236080c5c8e913ea975fee4e4855e1812470397963c914707d2

  • Size

    1.0MB

  • Sample

    240609-n7llgaac7y

  • MD5

    19c05632c05ff18a836637b0ef2c6578

  • SHA1

    10d82e288386a1c6a3f6c4f1cac103d66dcab063

  • SHA256

    a59a4f8e7ffe8236080c5c8e913ea975fee4e4855e1812470397963c914707d2

  • SHA512

    22cc422724307bccb9288f736eb583658a8e4053401f8331dca991f58c441cac059d7dc6848d7febf3db3bbbd5fc4744669738207ce258f5ae4ecefdec18be44

  • SSDEEP

    24576:mAHnh+eWsN3skA4RV1Hom2KXMmHaQmxpKoQUOkAsAzVP5:Bh+ZkldoPK8YaQ44mA1

Malware Config

Extracted

Family

agenttesla

Credentials

Targets

    • Target

      a59a4f8e7ffe8236080c5c8e913ea975fee4e4855e1812470397963c914707d2

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in Visual Basic.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext
