General
-
Target
RFQ_8161000034210004532100.exe
-
Size
1.5MB
-
Sample
250122-xend2a1jhl
-
MD5
2bded61228ad804396f40371d93a283e
-
SHA1
8da4b8e78fe3b6f124b38d3b1c67557c23a4f5fd
-
SHA256
a143be8339372fcc4a8165466584453a9399dbf3adec6fc458932aba3a06bfad
-
SHA512
95de0bf6b37b548287ba5c7ec14f3ed750f9607495b790b1907b4a6a90a9ab6caa8bbdf9ddd78d000de64fc04b8f884ba2fa7ab7e43c29a12f356858c3873da1
-
SSDEEP
24576:Gtb20pkaCqT5TBWgNQ7aGob0e9op0LCpoDg4+iOw6A:zVg5tQ7aGiPagCes4+ir5
Malware Config
Targets
-
-
Target
RFQ_8161000034210004532100.exe
-
Size
1.5MB
-
MD5
2bded61228ad804396f40371d93a283e
-
SHA1
8da4b8e78fe3b6f124b38d3b1c67557c23a4f5fd
-
SHA256
a143be8339372fcc4a8165466584453a9399dbf3adec6fc458932aba3a06bfad
-
SHA512
95de0bf6b37b548287ba5c7ec14f3ed750f9607495b790b1907b4a6a90a9ab6caa8bbdf9ddd78d000de64fc04b8f884ba2fa7ab7e43c29a12f356858c3873da1
-
SSDEEP
24576:Gtb20pkaCqT5TBWgNQ7aGob0e9op0LCpoDg4+iOw6A:zVg5tQ7aGiPagCes4+ir5
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Agenttesla family
-
Suspicious use of SetThreadContext
-