General
-
Target
0AD260C9687C8756716632F751DD869507BECCEEB5FFBB404EFF6D6E870ADAFE
-
Size
1.1MB
-
Sample
250103-jnabwaxnep
-
MD5
13c33390a3907b89ab99447c7f10418f
-
SHA1
c873b488f30399ce896607d39534cf6454b4872e
-
SHA256
0ad260c9687c8756716632f751dd869507becceeb5ffbb404eff6d6e870adafe
-
SHA512
37aa985597bbdf9ea2a7877a5af1447e285eab5aa3ae04134e5e99c99dee2357d1427649b2eb0d79eb7d0be5b9f5907c2e181f2dc7f1307fc46441a0e7a12609
-
SSDEEP
24576:Stb20pkaCqT5TBWgNQ7aO/E46DTMcKeE56A:fVg5tQ7aOsvhKn5
Static task
static1
Behavioral task
behavioral1
Sample
0AD260C9687C8756716632F751DD869507BECCEEB5FFBB404EFF6D6E870ADAFE.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0AD260C9687C8756716632F751DD869507BECCEEB5FFBB404EFF6D6E870ADAFE.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
0AD260C9687C8756716632F751DD869507BECCEEB5FFBB404EFF6D6E870ADAFE
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Agenttesla family
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-