General
Target: DHL-AWB.exe
Size: 569KB
Sample: 200716-4hy167qpvn
MD5: fa9482cfddfea01ef410ea3cf64f108b
SHA1: 243d8e4ac47601f0399f37cb7859d0900d587798
SHA256: a221aea48e4c8450ffde297704231b8023ee99a1e98892c3958dc3072bb33f16
SHA512: 0b90c10070e9e6a662f9ab5d4a55bb225814eb542ff4538398dd3147da842b5f00660c7a88cd02444c8fa46477894732422ca44fa9a251b8f216c91c5b8e716c
Static task: static1
Behavioral task: behavioral1 (Sample: DHL-AWB.exe, Resource: win7v200430)
Behavioral task: behavioral2 (Sample: DHL-AWB.exe, Resource: win10)
Malware Config
Extracted: agenttesla
Protocol: smtp
Host: smtp.mosiactex.com
Port: 587
Username: [email protected]
Password: ip(pPiq9
Targets
Target: DHL-AWB.exe
Score: 10/10
Signatures:
- AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
- AgentTesla Payload
- Suspicious use of SetThreadContext