General
Target: Complaint About Your Company.exe
Size: 820KB
Sample: 210226-dyjsh9ehta
MD5: ad8e516a03685e3bbf2cfde99b0a06a9
SHA1: 913240ddb22665b0e244cc69eb22aaa8fc3d49f5
SHA256: 6d84f67c5ce01feb377d1e1bb8959251aac2e23fac027029e7d3a8548a3300a5
SHA512: eb5dc5763722192f4f0d913bc1d77869470e56b1592c3de9a91ddcf4af8a68373aa1877d5a9a01421f0ba2766266cd8a1e15e7abda14bad912be6ebe1a30b311
Static task: static1
Behavioral task: behavioral1
Sample: Complaint About Your Company.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: Complaint About Your Company.exe
Resource: win10v20201028
Malware Config
Extracted
agenttesla
Protocol: ftp
Host: ftp://files.000webhost.com/
Port: 21
Username: zinco
Password: computer147
Targets
Target: Complaint About Your Company.exe
Size: 820KB
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext