General
Target: 50def3ac141e2e6ee58935076e7c69bfbbf617a9aa348317e1abc13d24ac456b
Size: 577KB
Sample: 240612-b2q8jsxhpe
MD5: 4f64e76b6bdcc6a795e15032f04ee833
SHA1: 76f0b9e53b1ffd155c16b25af86fe2cb5ae560eb
SHA256: 50def3ac141e2e6ee58935076e7c69bfbbf617a9aa348317e1abc13d24ac456b
SHA512: 18c8ece53d378cd8b0579fccd534cc3c5d5033cbd8c8571daee487b343f1642ebe24ace503c30e824095f720c14a7e0dac59a36f29eb733bc97fe9c9b77912ac
SSDEEP: 12288:rYV6MorX7qzuC3QHO9FQVHPF51jgc2M/gd1uV1rIbNyeN20f+3:IBXu9HGaVHngdw6QeNFM
Behavioral task: behavioral1
Sample: 50def3ac141e2e6ee58935076e7c69bfbbf617a9aa348317e1abc13d24ac456b.exe
Resource: win7-20240220-en
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot7251431774:AAHChQrtBHFfvS35hPhJi9N1leN0cmWiVoI/
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AutoIT Executable
AutoIT scripts compiled to PE executables.
Suspicious use of SetThreadContext