General
-
Target
e79a0f2d4c3f02c119171b9e80ac8437e449202042abd347dfe712af51c8f758.exe
-
Size
1.2MB
-
Sample
240911-qydwdatblj
-
MD5
bb853f64342116837a2668980b1408d8
-
SHA1
e06aed80de04a975755250699959a8e6d252f88e
-
SHA256
e79a0f2d4c3f02c119171b9e80ac8437e449202042abd347dfe712af51c8f758
-
SHA512
077ecef1616b6fbc03b71c5e7de165ede6dbed8ce9f83d2e2aebe0e9407bdad1e52c15fff5b1f6ff404a7b6159c1e0a158196b05a57429c17adec30705ee00f5
-
SSDEEP
24576:g4lavt0LkLL9IMixoEgeaSexhv9PafRmjz4DS3Z2Fxq9MmCS:Xkwkn9IMHeaSov0fRmv4DS3Z2baPCS
Static task
static1
Behavioral task
behavioral1
Sample
e79a0f2d4c3f02c119171b9e80ac8437e449202042abd347dfe712af51c8f758.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e79a0f2d4c3f02c119171b9e80ac8437e449202042abd347dfe712af51c8f758.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
e79a0f2d4c3f02c119171b9e80ac8437e449202042abd347dfe712af51c8f758.exe
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious access to, or copying of, the web browser credential store.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-