General
Target: LocalStealer.exe
Size: 4.3MB
Sample: 240823-nhjqks1cmg
MD5: 2a83e09de80c45eecdc7c9ed103c4346
SHA1: 4fdb40b042468a529f339bb9c5045dadc5a7c7bb
SHA256: 6c8cd2ff4020f57d558e878d87e8039ad3804614cad29957e279423af39b959d
SHA512: e8784c26146256cb481e8ddf1795bf86d7a5bedad1ff0397b71884076b1ec49efa5e3ef3f6eeed921d4f190ae7b2ab6b7317ce27d1c43ea13e3d8edfe4ef3d12
SSDEEP: 98304:tkjozJ9/im8XVBKl6tmJVPS47x/EaR5zNNHtFkIT4bNJFY3OqtaSGuA+iFi:RzJpjS346tmJ1xsG53tFkjBHYq9uAy
Static task
static1
Malware Config
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.

AgentTesla payload

Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.