Static task
static1
Behavioral task
behavioral1
Sample
aLjBjGUvWecwGptNRQryBtRBaVCtO.exe
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
aLjBjGUvWecwGptNRQryBtRBaVCtO.exe
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
-
Target
aLjBjGUvWecwGptNRQryBtRBaVCtO.exe
-
Size
215KB
-
MD5
db3f95f2c39e8547f1fa72c608a8be11
-
SHA1
12c449b97c31faf2a43bd8eb3e91e9b1fd15672c
-
SHA256
25f6ed9bb32723c139d4abfccf345db631a8483dde664eabd956071ee4b08de4
-
SHA512
d72698da82a4d80e460405101b7de3ec33b4d9baa9be3fe53950c3d9d46646e3d4722767d094d2754bdb29cdec7aadcd985df3fe10d01f4d72d521bf0b5fc0ee
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: smtp
Host: mail.cefortem.cat
Port: 587
Username: presidencia@cefortem.cat
Password: Vft284Rpyn
Signatures
-
AgentTesla Payload 1 IoCs
Processes:
resource yara_rule sample family_agenttesla -
Agenttesla family
Files
-
aLjBjGUvWecwGptNRQryBtRBaVCtO.exe.exe windows x86