General
Target: dump.rar
Size: 158KB
Sample: 210419-6exze5st4x
MD5: d6bd107049bff6b7a59502f40d20b0bc
SHA1: 37b8c5b79371570d28d631d234a757cd07b753b1
SHA256: 0f617049659986b02917d463441e3279c61b93a2d86ce71daf9ada93a7ac4e73
SHA512: fc9f95a9e555eb30cea6264ee28e0737e3d6c8340c2e4f25177b509b3fc7ca2705281e70a90b229282efb873c538bfe8103c9765bea9c73a2f8f0b13c02dcfd5
Static task: static1
Behavioral task: behavioral1
Sample: dump.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: dump.exe
Resource: win10v20210408
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: smtp.gmail.com
Port: 587
Username: [email protected]
Password: Facebook005
Targets
Target: dump.exe
Size: 667KB
MD5: a5edc227389610e83ea8275c3ecb38f8
SHA1: 3f2d3380d0e1d600b0f304714a39bcd5def219be
SHA256: bf6374ead4f824c937cb4a8ca8f2ad891c7c8e34607c32ad1b73a8eba5b8d2a3
SHA512: 7cd0408b9eb602b1e22cccb74c3ccaa52e7e86bedafcb5bf8d157cf9797feddcee32e3c06b4ffced5399b34ae9bec85114e40591ec94a058ea8c6b435629d826
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Adds Run key to start application