General
-
Target
Bank account swift.exe
-
Size
421KB
-
Sample
200630-nbx21pbcma
-
MD5
c56a303609aed297daeaa2168d7d3ff5
-
SHA1
18001149ab9cac574b43ae64646600eca00ac0bf
-
SHA256
806739222ffaed70608883fc8f825a1a6550b071946fe370e63dff0f50dd640e
-
SHA512
4d0c10d88b78ea16f5bf12775fc54b65055ba7566b9e6a54ac1729c5e5ddf537feffe071b1e9c015fe0894fe642b9eec3e8f970a4a987b50d7cc6f76a6c72951
Static task
static1
Behavioral task
behavioral1
Sample
Bank account swift.exe
Resource
win7v200430
Behavioral task
behavioral2
Sample
Bank account swift.exe
Resource
win10
Malware Config
Targets
-
-
Target
Bank account swift.exe
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-