General
-
Target
d9667de328dbeef055555f0303914558.exe
-
Size
826KB
-
Sample
210421-bcbv56n6ye
-
MD5
d9667de328dbeef055555f0303914558
-
SHA1
8234abd9ce4a8dc1f88d0213e31871f7f3bce2bb
-
SHA256
3f2ce17fe342c19e6ac9890f379841df3c448099e6565b9906538b463fc02932
-
SHA512
41b3cde7ce605744a912656de3791d33f0c840965faef156d2a0bdb7d520c619f57f08c356e9bd193430bfdd381bcc0bee832616a9f58b12bc38324fa231e0ca
Static task
static1
Behavioral task
behavioral1
Sample
d9667de328dbeef055555f0303914558.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
d9667de328dbeef055555f0303914558.exe
Resource
win10v20210410
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: us2.smtp.mailhostbox.com
Port: 587
Username: sales@julislinq.com
Password: 27!iaL@!U@L5Ma
Targets
-
-
Target
d9667de328dbeef055555f0303914558.exe
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla Payload
-
Suspicious use of SetThreadContext
-