General
Target: 17062024_1644_17062024_Zahlung.rar
Size: 657KB
Sample: 240617-t9ajwawclh
MD5: 48175cb17f80ef92e8c352736224bf70
SHA1: f3f6e81c6983f3ed423d50e24d0ed7349cdc74c9
SHA256: f043b74dd626834df14072aee21cdbad12b06085347250d8e81397277175b614
SHA512: 5e552fd9fbdb241050acf0cefbb7c71fffc8b1c5487ef2d7d290645b0b88f774d630d84fbf31d2a41a64a2136aba0bdc946f61e26c5bdd976ee801c35c2d0208
SSDEEP: 12288:nHLHoyJ3z5xjm74OtLhyRq0Kld8lIICieHxHpNeFFlcDqbaca:nb/dxjSjjP0KlUC5NYcDDca
Static task: static1
Behavioral task: behavioral1
Sample: Zahlung.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: Zahlung.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: Zahlung.exe
Size: 1.1MB
MD5: e943b414bd144ca2b31d14538bba561c
SHA1: 620667c51ffe854b6584c9d26e4c42623621e5a9
SHA256: 0e1e4938f829e6a6812c2b3f8ec8a0fbeaa7f8935c472921e332023fbbf953c4
SHA512: 63dcbecd15cc7930ff42d6996114e54a69f0f9343ac10501448df7fa7502fb6e4d3b349424a056f960b66724b0273bed03d0aec573609911bedf6cee691d4747
SSDEEP: 24576:3AHnh+eWsN3skA4RV1Hom2KXMmHai3+BHBM1FMFei5:qh+ZkldoPK8Yai3XFMFv
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext