General
-
Target
DINTEC Order List 14012021.exe
-
Size
673KB
-
Sample
210114-l5tr7mcse6
-
MD5
f49113b2bfcd362479248c011aedad15
-
SHA1
730d2f07cc7f0634b9aa24b0d64f75a57fe1b45e
-
SHA256
7e91bd9c26986e7437f8dc154a39978a042f8f1240067c907e8f49b791d3dc07
-
SHA512
daefa7258a37269d14a80493ceed25aeafb74a3fd03b5722dbfdc9ae22d09f691b8599d4d06bd53b0e50edb8ad55796b7640e7c1710297a3e70df62dac48685e
Static task
static1
Behavioral task
behavioral1
Sample
DINTEC Order List 14012021.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
DINTEC Order List 14012021.exe
Resource
win10v20201028
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: smtp.vivaldi.net
Port: 587
Username: [email protected]
Password: Grace@331011Thinck
Targets
-
-
Target
DINTEC Order List 14012021.exe
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla Payload
-
Suspicious use of SetThreadContext
-