General
-
Target
eb7c12418a94021b58bdf44cd672076858c537a17552ffd28a34a721097c46b6.exe
-
Size
430KB
-
Sample
241121-v5m5vayman
-
MD5
673e77da85c204fd86709475f54dc6b3
-
SHA1
da68a4e5fc62eb5ca2f3394f22d288db7fe5485b
-
SHA256
eb7c12418a94021b58bdf44cd672076858c537a17552ffd28a34a721097c46b6
-
SHA512
6c77602d20db530923e6369a9c9b8ddc86c0dd93198cc7d7538fa6ffda08458952e790b497c056acb0f6df678c4b620841ea0446ff2e219fff598a4b477ea890
-
SSDEEP
6144:hBlL/+lrHomkbgytaFTAGGW56pXrT6DpFpK7ULtVjHIvDp2IWyxRKQXPn03fmoGJ:nNbrGAGGy6pXAhqYA8IhPOfmoGJ
Malware Config
Targets
-
-
Target
eb7c12418a94021b58bdf44cd672076858c537a17552ffd28a34a721097c46b6.exe
-
Size
430KB
-
MD5
673e77da85c204fd86709475f54dc6b3
-
SHA1
da68a4e5fc62eb5ca2f3394f22d288db7fe5485b
-
SHA256
eb7c12418a94021b58bdf44cd672076858c537a17552ffd28a34a721097c46b6
-
SHA512
6c77602d20db530923e6369a9c9b8ddc86c0dd93198cc7d7538fa6ffda08458952e790b497c056acb0f6df678c4b620841ea0446ff2e219fff598a4b477ea890
-
SSDEEP
6144:hBlL/+lrHomkbgytaFTAGGW56pXrT6DpFpK7ULtVjHIvDp2IWyxRKQXPn03fmoGJ:nNbrGAGGy6pXAhqYA8IhPOfmoGJ
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Agenttesla family
-
AgentTesla payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-
-
-
Target
$PLUGINSDIR/woskyvpzx.dll
-
Size
19KB
-
MD5
dd4ff4b24f8b39951e3946a5282b7ed0
-
SHA1
d4d1015d01326ba4526fcff52e4c9bbb271d951e
-
SHA256
f880d09a6f9bc64f974844f92fa9bb764dc2613342fde134d8c037a2267506bc
-
SHA512
6e822b523f15948a42b1d2703525c8f3744fbb6a7e3aff99345908822fbd65dafe38d6972976211f9558c712d65be1c1a42bb9dabb63fb4576c409ce95e93528
-
SSDEEP
384:ZS6zZ1fZeiwx2OoULif7NSrSinQyTL8vj:ZTzZ1BeigaxSrSi2
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Agenttesla family
-
AgentTesla payload
-
Suspicious use of SetThreadContext
-