General

  • Target

    e10c43c995d48b2bc87fc8530e62aa6c06ba4ca952b1bb0aa93ad8db1e38c274.exe

  • Size

    1.1MB

  • Sample

    241115-vnzgjsxhrc

  • MD5

    f700d67030610358a050387e0512fcf0

  • SHA1

    292ddb44c8d82017d8b588a8a12fe2a1483b525f

  • SHA256

    e10c43c995d48b2bc87fc8530e62aa6c06ba4ca952b1bb0aa93ad8db1e38c274

  • SHA512

    f1107ba8457bb2c5477b9055f21586406ea72d888cdc63bd553e614a6e3f060240f170229ba30d676501e42e126569e6322719127f7bda71ffcc0ff8245f1b74

  • SSDEEP

    24576:jtb20pkaCqT5TBWgNQ7aIdoXsVfcwhoyVKMQXH6Au:gVg5tQ7aIachfhSH5u

Malware Config

Targets

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in Visual Basic.

    • Agenttesla family

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks