General

  • Target

    [PAID NEW] Byte Guard Source.rar

  • Size

    98.2MB

  • Sample

    240702-3eepsavfra

  • MD5

    5c81cad0adfc91fc01558fc4e55ffbac

  • SHA1

    3ab62f43fe1438fdcb38db422cc0b3cfb60a0444

  • SHA256

    67d443c1848d477d4d3c502309785f91d3af08b119663ab03141c7d586206655

  • SHA512

    103d794cda87bb1e19173072794ea11e6e15b7c64ef4333a2eba2c5e4b1aafdee3a27142de7373d9a51d2dd9e5dc77948981ad058fbfcefb8581747d78c334c1

  • SSDEEP

    3145728:RW9dE6RUOSMUBqAO1xxINS8VKS7BM4Nq7GR:S2aCgLxINSYtrNqC

Targets

    • Target

      [PAID NEW] Byte Guard Source/SECURE BYTE GUI/obj/Release/Sky Protect.exe

    • Size

      3.3MB

    • MD5

      44b09bd91924da97610b9e181dd242f2

    • SHA1

      605219be40f3ebd1507d4b7847acc824a2c24eba

    • SHA256

      47bd9a82fd1774f3cfc3513ae2b42be3c73c07372240fcda63794302912085a1

    • SHA512

      1992ea5ae23fc04ca61076039c1a13edf024bba703667b8127bd232f9e801d74e4172b93cce52558e52515f3a6863fc681aec3ae898c7a39298341005484fd93

    • SSDEEP

      49152:+uLSkG570nS4pfVkqgy6r3askqXfd+/9AqAanTB:+0G57K5JEyUaskqXf0FPAWT

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in Visual Basic.

    • AgentTesla payload

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
