General
-
Target
e464a2d9934812818fc4f5e410399ae3.exe
-
Size
526KB
-
Sample
210226-5jra2hmk92
-
MD5
e464a2d9934812818fc4f5e410399ae3
-
SHA1
30ff845d5d2475bd3cabd77bf3f07abad8e2ea21
-
SHA256
102b0bdae4e027e3e115490a1fe904b1a9f4fd9e4e52243719ee1167ec4ed62a
-
SHA512
60534f80fddf03bf092fbcfef59586c035417be579be201a21586520e94f13a0393bdd6d4d1ccfed0634d458919e99058537fb93c1f00aad991c5dafdf4ab305
Static task
static1
Behavioral task
behavioral1
Sample
e464a2d9934812818fc4f5e410399ae3.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
e464a2d9934812818fc4f5e410399ae3.exe
Resource
win10v20201028
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.privateemail.com - Port:
587 - Username:
[email protected] - Password:
@Mexico1.,
Targets
-
-
Target
e464a2d9934812818fc4f5e410399ae3.exe
-
Size
526KB
-
MD5
e464a2d9934812818fc4f5e410399ae3
-
SHA1
30ff845d5d2475bd3cabd77bf3f07abad8e2ea21
-
SHA256
102b0bdae4e027e3e115490a1fe904b1a9f4fd9e4e52243719ee1167ec4ed62a
-
SHA512
60534f80fddf03bf092fbcfef59586c035417be579be201a21586520e94f13a0393bdd6d4d1ccfed0634d458919e99058537fb93c1f00aad991c5dafdf4ab305
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
AgentTesla Payload
-
Suspicious use of SetThreadContext
-