General
Target: demeonay.tgz
Size: 846KB
Sample: 241007-nae3eswbph
MD5: b448b8e143c4a2c512a9963133162e89
SHA1: 70c8fea5e45fef06fef7501baa25d072b06478d1
SHA256: 5dc440ad55871976c55f08048e7411d242a64324065fc91648d8771c2bfabce9
SHA512: 3b9be95552400e69262284aa586f1cb032d284b4654d61f7c854c63efec2785fc83d23005a42accfcda9a5e935dc14ebbf9718ab98e8c82aa327fe4d81a8e00d
SSDEEP: 768:DtF5w+B6dQn/q7EZnkrBnWEnVZaWTQ2Bp0dAgdH9WOJLEq:15l/VtbWT9p0dAgfJ4q
Static task
static1
Behavioral task
behavioral1
Sample
Ödeme onayı.exe
Resource
win7-20240708-en
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot6828335029:AAHOq6iD_8Eg5u6FhmWF0NHPcKj1jLGtRk4/
Targets
Target: Ödeme onayı.exe
Size: 810.6MB
MD5: 467f7cbaf02335a9c92745bf88f6bd4f
SHA1: bdde0d6a94a4d40cd3fecfb33ddff0d77727d233
SHA256: d7eed63546caf4b8351e4dd2f87ffb46579177b2c6c559d019f2af86009e4821
SHA512: 8b103e68a68bfdaf830ab41f168274cad1b8896506c0219df8c4ba4060f9e57d5967dfdd9351f971ee35ec9f9ed7d9fd844ef48dc1ae0b2288b953613a08038f
SSDEEP: 1536:bjqr2ex0i4wnVqlBPwSP2nYQsH630VDH:bjqKex0i4wnVwwKlsEVDH
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Suspicious use of SetThreadContext