General
-
Target
SecuriteInfo.com.Trojan.GenericKDZ.73184.1978.29102
-
Size
531KB
-
Sample
210226-xswk9c6ajs
-
MD5
9feb0a5719f215f9a50ec42f4e139c31
-
SHA1
c83e0f257259030ae0c65a2f0312f5a2e056113d
-
SHA256
d99e9fd1092f9fa603bb5b45c91f716778d8a293eb5588969022d6a4e6834fc1
-
SHA512
f422ad8406f1ec7a4cda5459ac37542b61168e977a0a53b16290aa1150e20bc517a26acd18eecb87de32ec211d2919bc16a6e9c8b8e536ff9c37165139c9760c
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.GenericKDZ.73184.1978.29102.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.GenericKDZ.73184.1978.29102.exe
Resource
win10v20201028
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.privateemail.com
Port: 587
Username: [email protected]
Password: @Mexico1.,
Targets
-
Target
SecuriteInfo.com.Trojan.GenericKDZ.73184.1978.29102
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla Payload
-
Suspicious use of SetThreadContext
-