General
-
Target
b3b58a7d2eeda1ca29664aa79a79acd2df41e06b503c5af6a91c536e8798bab8
-
Size
1.3MB
-
Sample
240619-cxr5qascke
-
MD5
23b24039cb4a47a03e71a77b2773a583
-
SHA1
c926e5259abcdd1702171ce7cca153555ac01f89
-
SHA256
b3b58a7d2eeda1ca29664aa79a79acd2df41e06b503c5af6a91c536e8798bab8
-
SHA512
9bc9e75fa7b56060dbd17226617274336497b67d3502fa0c33466b0bbb1d74be6ed2b8ef2b41bbd8155961616d9139b3f46fa70174edcb5d02987ca4aaa645f5
-
SSDEEP
24576:0AHnh+eWsN3skA4RV1Hom2KXMmHaFH4vy5q4rBEO2bhIpuvLfMyc5T/5:Dh+ZkldoPK8YaFHdKv7MycL
Static task
static1
Behavioral task
behavioral1
Sample
b3b58a7d2eeda1ca29664aa79a79acd2df41e06b503c5af6a91c536e8798bab8.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
b3b58a7d2eeda1ca29664aa79a79acd2df41e06b503c5af6a91c536e8798bab8.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla payload
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-