General
Target: Datasheet Powertech Controls Co Inc.exe
Size: 542KB
Sample: 201109-qee4bgrmzj
MD5: 2c821bae3bd8a38396fd7ee821665586
SHA1: e5f42f355e7a7b1d38de82c90b3cff9572029f95
SHA256: 003821b2e5b59f6688fe51752164c575ef41e230d206a13c365067c5bbd02000
SHA512: e21ff3fb70733d9e29de75c0fd962dee790fbb16e7aafce124877a46a3d387d4df9efba00d70b4528276d34a4fc169949954662f695e3a19089289299e2ea645
Behavioral task: behavioral1
Sample: Datasheet Powertech Controls Co Inc.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: Datasheet Powertech Controls Co Inc.exe
Resource: win10v20201028
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.alvadiwipa.com
Port: 587
Username: murti@alvadiwipa.com
Password: glodokplaza15
Targets
Target: Datasheet Powertech Controls Co Inc.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext