General
Target: Bank details.pdf.xlx.bat
Size: 458KB
Sample: 200624-cw1g755n9s
MD5: cfe564351e6b4077a2408967ed77deec
SHA1: a2601f58f3659593da9c113b05a082d79b10cd73
SHA256: 3fed11bcfa0ec80fa94626f65c9b397d2117782bc5efae636e3ee0462ca9e42d
SHA512: 1ffcb47e15b9e373340820fcf2fb357bd61b8d7f407e2575a2944e65472264dbde235a83a403a988efb4e6b9cae4a01f2cac558790b12006bf71046db424b347
Static task: static1
Behavioral task: behavioral1
Sample: Bank details.pdf.xlx.bat.exe
Resource: win7v200430
Behavioral task: behavioral2
Sample: Bank details.pdf.xlx.bat.exe
Resource: win10
Malware Config
Targets
Target: Bank details.pdf.xlx.bat
Score: 10/10

AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.

Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.

Reads user/profile data of local email clients
Email clients store some user data on disk, where infostealers will often target it.

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.