General
- Target: RFQ.exe
- Size: 571KB
- Sample: 200707-vl9k5srrgn
- MD5: eb120bf762fc616fd7dcae9751c53dff
- SHA1: cf7610bcf07b760b03f1b867aed115ce18e45d18
- SHA256: f17f88079f997a584c219a64b4105b6f98a6356f16a557bc0328758655d8fb99
- SHA512: eb63c4382ed441db27c7a8abdef4ba8f2600e7ab322830635be634824b6445f7a8a4e98c365156257757add9c7f2016a6d9c2a2115543d82efa3f87cfcb7cba5
Static task
- static1

Behavioral task
- behavioral1 (Sample: RFQ.exe, Resource: win7)
- behavioral2 (Sample: RFQ.exe, Resource: win10v200430)
Malware Config
Extracted: agenttesla
- Protocol: smtp
- Host: smtp.yandex.com
- Port: 587
- Username: [email protected]
- Password: smart123456smart
Targets
- Target: RFQ.exe
- Score: 10/10
- AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
- AgentTesla Payload
- Suspicious use of SetThreadContext