General
Target: Copyofreceipt.scr
Size: 507KB
Sample: 210223-zz5x91l6we
MD5: 6f9340718bf2defbdb4b438d80857fb3
SHA1: ddfe78ec1db2fbec98ee87235938223360bae49d
SHA256: 26b8405b53da2fa69471859793721f24e5c407bb4d2af8537e21e244c4363f55
SHA512: d971042a10a141cb876d2ae3a69ebc7b9cfb740238b83fc59424344b15c2d9baa09c624a925878c6a5e9e9de8f36cef34d49a6aa65b5a729d4aa56da4a112b82
Static task: static1
Behavioral task: behavioral1
Sample: Copyofreceipt.scr
Resource: win7v20201028
Behavioral task: behavioral2
Sample: Copyofreceipt.scr
Resource: win10v20201028
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.ccglass.co.za
Port: 587
Username: zenovia@ccglass.co.za
Password: Tum145ram@
Targets
Target: Copyofreceipt.scr
Size: 507KB
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext