General
Target: SecuriteInfo.com.Troj.Kryptik-VJ.3407.30574
Size: 315KB
Sample: 210421-4z4f7brjkx
MD5: 3a692065da4431a90f59c2a7bc08ea05
SHA1: 5a14506f1e4768cf38415efa74b63ee9c4d35d4a
SHA256: 54cbf563334d886d981722181262d0b4d789d401e01c144001f7920cec661a65
SHA512: 1a38dbb8d13d78bba2bf03b4481bc13d559b19bf0923075f2970331590668caed79e15256cd7e0d4f5ba783e887f421db3b87e8ec395c4f08ae81b2e7dc27063
Static task: static1
Behavioral task: behavioral1
  Sample: SecuriteInfo.com.Troj.Kryptik-VJ.3407.30574.exe
  Resource: win7v20210410
Behavioral task: behavioral2
  Sample: SecuriteInfo.com.Troj.Kryptik-VJ.3407.30574.exe
  Resource: win10v20210408
Malware Config
Extracted family: agenttesla
Protocol: smtp
Host: smtp.privateemail.com
Port: 587
Username: eammorris@askoblue.com
Password: zQHG#uz5
Targets
Target: SecuriteInfo.com.Troj.Kryptik-VJ.3407.30574
Size: 315KB
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Signatures:
- AgentTesla Payload
- Loads dropped DLL
- Suspicious use of SetThreadContext