General
-
Target
SecuriteInfo.com.Trojan.GenericKDZ.73184.3750.27631
-
Size
525KB
-
Sample
210226-rljvjxrs2x
-
MD5
2bd03d4c1239179c36d517da0e25cb30
-
SHA1
e56834e12e88118205c0ecd38659cfa3a203a9a0
-
SHA256
be0c392231ad4edcb62e9a8d147d68a35883114933dbfc8a26d1f45b9a6aaa87
-
SHA512
3f7c5be3caa4431c4ae3567676eb36a9ed5d1f54d09fe8ea8de4d918c8bf5dffcd06e873e22f2973842a16297fcad59f354838805beea6086c193ed615c1496d
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.GenericKDZ.73184.3750.27631.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.GenericKDZ.73184.3750.27631.exe
Resource
win10v20201028
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.privateemail.com
Port: 587
Username: [email protected]
Password: @Mexico1.,
Targets
-
-
Target
SecuriteInfo.com.Trojan.GenericKDZ.73184.3750.27631
Score
10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla Payload
-
Suspicious use of SetThreadContext
-