agenttesla | a4e9867a3423ea090ddd90890c4b73ddfba0f1ba3e4b61ee7f9aba9d26835af9

Sharing

Copy URL Twitter E-mail

General

Target

a4e9867a3423ea090ddd90890c4b73ddfba0f1ba3e4b61ee7f9aba9d26835af9
Size

2.1MB
Sample

240715-m8nlsawdnc
MD5

99d9afe15bcf773cdf90b27f9a92ff51
SHA1

0c98e23f01d016ba6037f5e230b063a515f0c91a
SHA256

a4e9867a3423ea090ddd90890c4b73ddfba0f1ba3e4b61ee7f9aba9d26835af9
SHA512

7f4f4d726b5f3819dbfa4d3b5eb0c998af77a47210560e5bd8385c55faa5e6f9ba429042ee7f8dd81dd370fe729f0e69c92521d670712f1e2b7bf26384572b42
SSDEEP

49152:vCbDxhZjOex9+MIiTZjGsZ5zC+M0tThkeZmZOsygt8ICZpatTrZT1mao:vCPxhVO9z4Ge5XM0tThkomCgt8I0p6le

Score

10^/10

agenttesla

Malware Config

Targets

- Target
  
  Guna.UI2.dll
- Size
  
  2.0MB
- MD5
  
  a9809dee310a081cde09d7c51ddc0181
- SHA1
  
  1f68cc48222b653f5221443c60bce8994993f7ff
- SHA256
  
  766d6fa2b4dddc798eb3d4c40289c2aa18a49881efbd4dbbde4e77ecb304fe32
- SHA512
  
  541b9041879ef498c80e05af832c81d508332a633a40e0c98937a9534620cfa7f6bed7f43ad378479ee31a96739f511f5024b610bd4860537f8124e16b673deb
- SSDEEP
  
  49152:5/0RuS4fpa2SpPEEbzpnErW3aklbnGIN8m4:ZSkC
Score

1^/10
behavioral1 behavioral2
- Target
  
  Newtonsoft.Json.dll
- Size
  
  695KB
- MD5
  
  adf3e3eecde20b7c9661e9c47106a14a
- SHA1
  
  f3130f7fd4b414b5aec04eb87ed800eb84dd2154
- SHA256
  
  22c649f75fce5be7c7ccda8880473b634ef69ecf33f5d1ab8ad892caf47d5a07
- SHA512
  
  6a644bfd4544950ed2d39190393b716c8314f551488380ec8bd35b5062aa143342dfd145e92e3b6b81e80285cac108d201b6bbd160cb768dc002c49f4c603c0b
- SSDEEP
  
  12288:mFIM0KteTMN4Or4D3OdmZg5WHEaEDIGBBjgrIQtD+tVqDMW:6zMTMNNd+g5Wk78GBBjgrIQtDF
Score

1^/10
behavioral3 behavioral4
- Target
  
  System.Management.dll
- Size
  
  72KB
- MD5
  
  1c71e5310151ce1e9a3a92797776bdad
- SHA1
  
  fd452b874fec4a9dae61a3710fb32749dc7d701e
- SHA256
  
  f515ca5c944c332ab706ff0a7c2e53e66d0d9d8a663e9b2691b35129ee22559b
- SHA512
  
  2a4f18c77449c2d06a3ab6807338f73b03b1faa332e78319829ba3a2b6fd98bb9a83c5e29b47d55e4ce7f0dfdcd8524fa592a0f3ca8ee09daae2894b681265a8
- SSDEEP
  
  768:BrEP45HksbMU3se5c/0b/9nLZV1BCUkVoV0lP7H0CkkiSLJKdbY8Mtuo0eDQP9zu:bbz5wulNV1zkSQzHxkxS9yc8no0nzu
Score

1^/10
behavioral5 behavioral6
- Target
  
  Uដុសមី-DaScraping.dll
- Size
  
  943KB
- MD5
  
  305da6f1dd63c2c3e8e985fbf12a65c3
- SHA1
  
  a73721b4dae71fea824938d3b17711137c34d3ef
- SHA256
  
  d88ce7efa3b4756097d5f805c44edf9e95e3c46afc811e3693bf948ff34a38e5
- SHA512
  
  1d4c78e67bdf0c2584ff8c84776b409ecadce9422cdbf431b172828b7d431b1a72d23514a14f3b841c1c1bf1e1522e86dda23b0717c6eca9f77a487ba2157209
- SSDEEP
  
  24576:UZvvUXJWhWCty4OPcFwG3ZwZvvUXJUYn4ZvvUXJ:UZvvmch53yZvvmuYn4Zvvm
Score

1^/10
behavioral7 behavioral8
- Target
  
  Uដុសមី-DaScraping.exe
- Size
  
  277KB
- MD5
  
  a1606d8954b307588bba01fa0295cd7c
- SHA1
  
  2750b3bfa589763aad8daaa1822b4eec31e168bf
- SHA256
  
  19d42e5a3c33d00285b39939ebe488a7934de408561b2e0e4be405439a572041
- SHA512
  
  095bd4196a36bcccfa0e637f6a4830d19a2a301db41be648ad7b87bb075dd8616b266ad5c04c828da1897f5985b25c7e6f18bf47ab49fe58c479ed903d10acee
- SSDEEP
  
  3072:yKta93TRDiicws0MWbs2OJiKF/ODxT584V9u2qN4FAmwY5UZp5mGoOm3vbbO2G7v:y2wX7bJf9u/N4GPZpZm3jbOGrynUXJ0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral10 behavioral9
- Target
  
  runtimes/win/lib/net7.0/System.Management.dll
- Size
  
  288KB
- MD5
  
  76e0aaa7182e77403bf6fe2af8d90f28
- SHA1
  
  d013c5d649f9ebce5bee1c8b774f3290b1f1f532
- SHA256
  
  a7e248c3e6f25f4673e2006fa77f4a4322a3c74c2652dcc395178329feb7ff28
- SHA512
  
  8e161a375fe174d9b203c2a098c92aff411d8521eef133d5174ae7409c394157f7a067c2a9dfe3f76cb02acbed52c33a11579b9a1cbee75e4092e6487d1a7bc1
- SSDEEP
  
  6144:TMbKUVLmD7HP9ab+T5sBFzPnQpEZFAc2Q:45VL2Z++tw92Q
Score

1^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12