General
Target: dgtm,.rar
Size: 274.7MB
Sample: 240721-vk4bbswape
MD5: 96da0132b6b5edf11868e16e19ef821b
SHA1: d6f2a4817a393de1c3bd10bb5b9b9c2d633c0073
SHA256: 4eb8e15aa97acdc7599a949211b6ca85d6973fa0f8d8a739e4a6e617a29de673
SHA512: 6af89091a49a0ec9ea5ee138601acf972f9bfa9b191537d382acc3e8095da04d49ed4adad2506ec1fd7e7ab49eae6f5381b661f95b661b5540c858d6ec044d2e
SSDEEP: 6291456:c57SksmgS2mHsvrIH+C0T/0Rmd8SkrVa9294VR+C0TCZ:c57SYbMb7td8TVaEJOZ
Behavioral task: behavioral1
Sample: dgtm,.rar
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: dgtm,.rar
Resource: win10-20240404-en

Behavioral task: behavioral3
Sample: dgtm,.rar
Resource: win10v2004-20240709-en

Behavioral task: behavioral4
Sample: dgtm,.rar
Resource: win11-20240709-en
Malware Config
Extracted
spynote
1.tcp.sa.ngrok.io:21490
Targets
Target: dgtm,.rar
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla payload
Executes dropped EXE
Loads dropped DLL