General
Target: cnycij0e.exe
Size: 5.3MB
Sample: 240706-xhbveasdrf
MD5: 1c39f676abf0dac55917e2e0d46a0a24
SHA1: 58fe13b8da21b4bd38573378c3e1ab1f55a9dba8
SHA256: a136d9d00094ddc10951c9174dcb345d6a4f4d66b905ebc7ef7e140510fb1743
SHA512: 6e8209ff5443eaba8c0686f1b65968df3dd629e0d53ce241667f5b87674bf81787317aa0e5310b773f3c63c9de76706abcf8da0a7d920f4116fe9481426f5572
SSDEEP: 98304:wtVnhJyB+1r2oqgNhVRwPdmDDU2Jo2a+qRkHTWrFk094z9OUh:wtVhJ71CoqgRRwPdeo2JFskEe094
Static task
static1
Malware Config
Targets
Target: cnycij0e.exe
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla payload
Downloads MZ/PE file
Executes dropped EXE