General
Target: ecfd2213123a0a0e27c0530e35c7fa2f.exe
Size: 804KB
Sample: 210421-f5ctzt4m1e
MD5: ecfd2213123a0a0e27c0530e35c7fa2f
SHA1: 3dd5d3ff83acecfab13ae1790d5a8b553c88bda2
SHA256: 89b7ce8de53ccf4aff814e942aa9042022e4644520a09ee1b0b13a429d552ea1
SHA512: 46b25a93b4db7695e9706f7f213aed9caeee48d4c397bf366b7b31d6f43bdbc2fa785c39f1ad0d543e181984eb0e6516757f90efdc5dc355576eeaaf1ffa5ab9
Static task: static1
Behavioral task: behavioral1
Sample: ecfd2213123a0a0e27c0530e35c7fa2f.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: ecfd2213123a0a0e27c0530e35c7fa2f.exe
Resource: win10v20210410
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: us2.smtp.mailhostbox.com
Port: 587
Username: sales@julislinq.com
Password: 27!iaL@!U@L5Ma
Targets
Target: ecfd2213123a0a0e27c0530e35c7fa2f.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext