General
-
Target
ORDER_01881371631.exe
-
Size
1.3MB
-
Sample
240619-lpzdhaserm
-
MD5
1a4664b8ff72e5e2cf7c5a5aa045bcf2
-
SHA1
74ec5407a7fab5056f17db186a0b2e79c86594d2
-
SHA256
9ea02d38fe4feff7c9818062f8fd0f9ac385e73f2ca702887eaa72f50696869e
-
SHA512
0441847cb72e671b3c085f2883356fd1550f3d024c2ea49d5b0d6677884067c6065b93b9205eac20e3e19e0d2b58546ba180896064000e4730b09816647ab3e8
-
SSDEEP
24576:PAHnh+eWsN3skA4RV1Hom2KXMmHa3KwMamM3AviDFBjyP75:yh+ZkldoPK8Ya3PMamM8iDFBmF
Static task
static1
Behavioral task
behavioral1
Sample
ORDER_01881371631.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
ORDER_01881371631.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
ORDER_01881371631.exe
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Suspicious use of SetThreadContext
-