General
Target: 4019223246.exe
Size: 578KB
Sample: 210226-86yb7ew3we
MD5: cbbc71d2c2f3e4fb43d79aa0c2286eb0
SHA1: 83b3a1cb0e58d08e67de440aee069a6310ffbf05
SHA256: 371a74d7e241249d2fca30e3d0b61c1d734e17a670bac95d88ae1793cf908f7e
SHA512: b2a9795ed6947318e96b6dfd6af3d8e7f1803917ef70f6119524966d5b0f00d93071595cc4fa4b890c0aca9712060fd33b8ffddbfd7735f02fc88af269bc4c2d
Static task: static1
Behavioral task: behavioral1
Sample: 4019223246.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 4019223246.exe
Resource: win10v20201028
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: us2.smtp.mailhostbox.com
Port: 587
Username: [email protected]
Password: parida@1971@
Targets
Target: 4019223246.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext