General
-
Target
Scan 0007052020.exe
-
Size
520KB
-
Sample
201109-q5xnal2eqx
-
MD5
06d49c3d910b149dc1f89341b0209c7e
-
SHA1
eee501121dd58f5e9e837a346436eedd89719ccf
-
SHA256
03ffe4f20fb755df6d624c00fa8146eb3870b55fa5356d25b50ebfc197f7ade4
-
SHA512
e8041f5f462e14e4a004fe353582e90231be9b05a6d6ec7a32ec73602d849db3d1d2f4be1409970144a1dfe1475a16d7b4f2cf9fbe16a86e30754b0675fa92dd
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: smtp- Host:
smtp.yandex.com - Port:
587 - Username:
victor77514@yandex.com - Password:
Great@12345
Extracted
Credentials
Protocol: smtp- Host:
smtp.yandex.com - Port:
587 - Username:
victor77514@yandex.com - Password:
Great@12345
Targets
-
-
Target
Scan 0007052020.exe
-
Size
520KB
-
MD5
06d49c3d910b149dc1f89341b0209c7e
-
SHA1
eee501121dd58f5e9e837a346436eedd89719ccf
-
SHA256
03ffe4f20fb755df6d624c00fa8146eb3870b55fa5356d25b50ebfc197f7ade4
-
SHA512
e8041f5f462e14e4a004fe353582e90231be9b05a6d6ec7a32ec73602d849db3d1d2f4be1409970144a1dfe1475a16d7b4f2cf9fbe16a86e30754b0675fa92dd
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
AgentTesla Payload
-
Suspicious use of SetThreadContext
-