General
Target: 2cb99cb1317f6a6a32136bbbcc5caafc.exe
Size: 709KB
Sample: 210226-969eqq6ke6
MD5: 2cb99cb1317f6a6a32136bbbcc5caafc
SHA1: 47ac125fe5d0bd324fe925ed1b81195ceb6e3401
SHA256: addeaa9112c1a5befaa1812f8c95bfae28181b22e7b4c733093079e100e837f3
SHA512: d92f9dd548d2b6776e0925a629a4d7dfa958797e5135cf3ced3e26ecb01e568de8eb36698d2cfb83904c7243a3eda2a1a0758b2171f90dd0041e62cd276a1e5f
Static task: static1
Behavioral task: behavioral1
Sample: 2cb99cb1317f6a6a32136bbbcc5caafc.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 2cb99cb1317f6a6a32136bbbcc5caafc.exe
Resource: win10v20201028
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: smtp.mail.com
Port: 587
Username: [email protected]
Password: Smallone123
Targets
Target: 2cb99cb1317f6a6a32136bbbcc5caafc.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext