Static task
static1
Behavioral task
behavioral1
Sample
luckyfr.exe
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
luckyfr.exe
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
-
Target
luckyfr.exe
-
Size
214KB
-
MD5
13bb24e681ae113fdb4e3747badd113c
-
SHA1
204e1eb03aaab856e14a8236a0c2a832ddaaf6b1
-
SHA256
eb362970c0081effbcdab7ce1f6c91d6921ff7f6e3e8e411238404f8d0549483
-
SHA512
cfd952e973235be7fc2dd0faee818c46d08244073f7b18bba830a9584d29bd2832201942600df7311647cd011786922d30211f9b3f72431170442230bf1265f1
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: smtp- Host:
smtp.cavannaqroup.com - Port:
587 - Username:
[email protected] - Password:
t6nq*7!tdZ}Z
Signatures
-
AgentTesla Payload 1 IoCs
Processes:
resource yara_rule sample family_agenttesla -
Agenttesla family
Files
-
luckyfr.exe.exe windows x86