General
Target: DHL-#AWB130501923096.pdf.exe
Size: 580KB
Sample: 200707-z1q9ab23qx
MD5: 14f101774538a109fb276b133d57cb40
SHA1: 525c55f93fb99e1aff4f0ada394eb665f549aa0c
SHA256: 853b8b5ab3cbde2381a1e4a6721ea06faf392dcab12c955fd908b7da578d6e37
SHA512: 7049c14634a9c56a44512bf2db51a4dd9137ee5b8772861c74686a1c2d26770832c1e5397a76d6aa8c0f75583feb8c5ad37dfd2e05e2c9801cf7198afd99c44c
Static task: static1
Behavioral task: behavioral1
Sample: DHL-#AWB130501923096.pdf.exe
Resource: win7
Behavioral task: behavioral2
Sample: DHL-#AWB130501923096.pdf.exe
Resource: win10v200430
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: smtp.yandex.com
Port: 587
Username: [email protected]
Password: faith12AB
Targets
Target: DHL-#AWB130501923096.pdf.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext