agenttesla | 2c552d11daebd76dafe245681272cc13fd9c51b01f9c475d609f9aeccafe3fe5 | Triage

Resubmissions

23-07-2024 17:32

240723-v4egba1drj 10

Sharing

General

Target

ButterflyLauncher.exe
Size

241.1MB
Sample

240723-v4egba1drj
MD5

b29564dd9adcdac584e65fcb27dc3f13
SHA1

be24c69c4e12eb2beb9ac5d431bb60f520a179a0
SHA256

2c552d11daebd76dafe245681272cc13fd9c51b01f9c475d609f9aeccafe3fe5
SHA512

846265617a267f587ac55ebdf855ebd2c22706b89b734597aa1466a6e10866662ed3ec89c9c4a0a0f1e9aa489fa4ed7fe3bfb1e51a83cabcb736b24309c19e1f
SSDEEP

1572864:8hhHI0W4V8PW6Z/wbmrKy7YgIkW433h28PW6Z/wbmrCy7YgIl4LpgF3TVGnBJm9I:qho0+fZaM2kHR3fZaU2l/F3Vn0f

Score

10^/10

agenttesla

Malware Config

Targets

- Target
  
  ButterflyLauncher.exe
- Size
  
  241.1MB
- MD5
  
  b29564dd9adcdac584e65fcb27dc3f13
- SHA1
  
  be24c69c4e12eb2beb9ac5d431bb60f520a179a0
- SHA256
  
  2c552d11daebd76dafe245681272cc13fd9c51b01f9c475d609f9aeccafe3fe5
- SHA512
  
  846265617a267f587ac55ebdf855ebd2c22706b89b734597aa1466a6e10866662ed3ec89c9c4a0a0f1e9aa489fa4ed7fe3bfb1e51a83cabcb736b24309c19e1f
- SSDEEP
  
  1572864:8hhHI0W4V8PW6Z/wbmrKy7YgIkW433h28PW6Z/wbmrCy7YgIl4LpgF3TVGnBJm9I:qho0+fZaM2kHR3fZaU2l/F3Vn0f
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2