General
Target: 06fd0b6bc3e7b7c845aeafc74e2c019d.exe
Size: 1.0MB
Sample: 210421-s81zjsx8l6
MD5: 06fd0b6bc3e7b7c845aeafc74e2c019d
SHA1: 1243f21c4001903765a08f7bfd4a7eee4fb0e0bb
SHA256: 56ee229433098f5a7d7dc066e4a66ddfc45f2af20188a9e9fab38a059ccce045
SHA512: d255d9b2a9522f4c86479a6b87777c06b145ba2f23f081fbfeeb839d076b35d1d4f2e5fb591369ecd16681a03fbac52f05fba2db3174a2797344869f720189aa

Static task: static1

Behavioral task: behavioral1
Sample: 06fd0b6bc3e7b7c845aeafc74e2c019d.exe
Resource: win7v20210410

Behavioral task: behavioral2
Sample: 06fd0b6bc3e7b7c845aeafc74e2c019d.exe
Resource: win10v20210408

Malware Config
Extracted
Family: agenttesla
Protocol: smtp
Host: us2.smtp.mailhostbox.com
Port: 587
Username: razilogs@razilogs.com
Password: FUCKYOU3116

Targets
Target: 06fd0b6bc3e7b7c845aeafc74e2c019d.exe
Score: 10/10

AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.

AgentTesla Payload

Suspicious use of SetThreadContext