General
-
Target
RFQ# ZAT77095_pdf.scr
-
Size
1001KB
-
Sample
210408-xhpzfysrq2
-
MD5
a68e022018d05e68ab3cfa488af1c998
-
SHA1
c826625d790173e42ad53ca5e33879c35069996b
-
SHA256
56757accfe00022eadd58f3f82ff5b4de4d2aa6e3fe427fa990af3d31723ebd9
-
SHA512
64739d5a31d7b3b4870005d84d157ac5b19d31647771e072e75e7d28ddc3259e5d00fd3cf8b7bcfe8c564d9ce96c4a4fdcc1509e9455ff7d900371565795719a
Static task
static1
Behavioral task
behavioral1
Sample
RFQ# ZAT77095_pdf.scr
Resource
win7v20201028
Behavioral task
behavioral2
Sample
RFQ# ZAT77095_pdf.scr
Resource
win10v20201028
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
smtp.yandex.ru - Port:
587 - Username:
emmanuel.chiboy@yandex.ru - Password:
emmanuel123456789
Targets
-
-
Target
RFQ# ZAT77095_pdf.scr
-
Size
1001KB
-
MD5
a68e022018d05e68ab3cfa488af1c998
-
SHA1
c826625d790173e42ad53ca5e33879c35069996b
-
SHA256
56757accfe00022eadd58f3f82ff5b4de4d2aa6e3fe427fa990af3d31723ebd9
-
SHA512
64739d5a31d7b3b4870005d84d157ac5b19d31647771e072e75e7d28ddc3259e5d00fd3cf8b7bcfe8c564d9ce96c4a4fdcc1509e9455ff7d900371565795719a
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
AgentTesla Payload
-
Adds Run key to start application
-