Overview

overview

10

Static

static

10

New PO.pdf..exe

windows7_x64

10

New PO.pdf..exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    New PO.pdf..rar

  • Size

    87KB

  • MD5

    3a7c1ed8b8db079e94e6ad0952878cd4

  • SHA1

    d9beb5447553c4d55633201782e4723dc267cbc3

  • SHA256

    9b449366cea4582b9fe4f1bfdf4e394c4ab3563d64b4c0ccf823874d3f781a60

  • SHA512

    b13ce03db59eb16a2773440427cea481589c5263e4297fcd41c6d96d5f42dc388b8c6fe06350323a1662126b97b3512fa68353d8d803548f31730e7e70f1032c

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    mail.etc-ks.com
  • Port:
    587
  • Username:
    etc.express1@etc-ks.com
  • Password:
    bEK2FBG#ds|K

Signatures

  • AgentTesla Payload 1 IoCs
  • Agenttesla family
    agenttesla

Files

  • New PO.pdf..rar
    .rar
  • New PO.pdf..exe
    .exe windows x86