General
Target: 12750093224_20210420_07055957.exe
Size: 877KB
Sample: 210421-6txzexdkjx
MD5: c5eac79e41322b5016bd67192a08234e
SHA1: 4823a920433ef6daf192277373d714e86dd252d9
SHA256: 85da2f1ffeba833ebdf00ad09e45e4d8c656fb2706e1bf69275c7a32bb77605f
SHA512: 10b09bd8c7126950c8a142fbc41bd312557194f3b0c82f360e024ef3195d7ed7d49cfe2965863414dcffe77256afa7329d4e2889f54008157f5d5b9cb701cbb1
Static task: static1
Behavioral task: behavioral1
Sample: 12750093224_20210420_07055957.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 12750093224_20210420_07055957.exe
Resource: win10v20210410
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.microhydrotechnic.co.in
Port: 587
Username: service@microhydrotechnic.co.in
Password: saibaba1974
Targets
Target: 12750093224_20210420_07055957.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext