General
-
Target
75a67dd823e262d9f88b845e8c96aa376fce5c2261d835e3bf96b4f1f24a75c2
-
Size
2.3MB
-
Sample
240612-cb79taycjg
-
MD5
3bdccf0ad99477897b2c52e4d7caf22c
-
SHA1
f8745d2cd4460b0541fa36f349946365ccf3dbba
-
SHA256
75a67dd823e262d9f88b845e8c96aa376fce5c2261d835e3bf96b4f1f24a75c2
-
SHA512
13524dae60dd93947316498a9b37e67229fa1e8f95040a6fee884dd06c2a365e7ec8025e61cd419b2e78017ee222b9ed0cdc838e025f99eff70b0d6b3c6e1718
-
SSDEEP
3072:CnJXbZgdE1mITFmT52UVbc0SegDgZfIxrAQOt/7ryVGMKrQjRzIEFJxalTfTYYi5:CnJP1T/
Static task
static1
Behavioral task
behavioral1
Sample
75a67dd823e262d9f88b845e8c96aa376fce5c2261d835e3bf96b4f1f24a75c2.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
75a67dd823e262d9f88b845e8c96aa376fce5c2261d835e3bf96b4f1f24a75c2.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot7199704710:AAFo3G2WRLLSd0jDgjwpe01oeP1lxDAYb8A/
Targets
Target
75a67dd823e262d9f88b845e8c96aa376fce5c2261d835e3bf96b4f1f24a75c2
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Suspicious use of SetThreadContext
-