General
-
Target
cpGoM9vVOEuBvfH.exe
-
Size
458KB
-
Sample
201109-26x2e1bjbx
-
MD5
e620cb9ccee4b0460a3af37e72e57a9f
-
SHA1
c38a182b62104ec7bde609ff36a99ca2972da19b
-
SHA256
5a38c1770a9728871ebf9a8a4b7b9e676fe5ace9c9b4a1a5d64f8ae86044fa97
-
SHA512
f2f72556fedfe983451b8828a8aafce8b5a9f247466b4ed755a17d16766017623d978a4d1ed65bc657fb10fa48fc84c640d9c67d20731311740cb0defc757436
Static task
static1
Behavioral task
behavioral1
Sample
cpGoM9vVOEuBvfH.exe
Resource
win7v20201028
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.privateemail.com
Port: 587
Username: v.clemens@slee-de.me
Password: @mexicod1.,
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla Payload
-
Suspicious use of SetThreadContext
-