General
- Target: 2.exe
- Size: 1.2MB
- Sample: 210422-dknljcr4ya
- MD5: b86c18379bb65ae5f0360660e03134e6
- SHA1: 7637e6a6a0084b4fb31fd469f904e69555345d76
- SHA256: 3ff025b2afb4238d8f324a45882291f830ff581d6bec17a0cc2d86c58ce5f896
- SHA512: f482ab69f3c35a09ab35a991deb2a25aaf8a22c3a76885d846795da5247fd139ebf2e60fe1cecad131b33bfba082498f9b62cbfb02f981fcc634869b4b6cbe8d
Static task: static1
Behavioral task: behavioral1
  Sample: 2.exe
  Resource: win7v20210410
Behavioral task: behavioral2
  Sample: 2.exe
  Resource: win10v20210408
Malware Config
Extracted
agenttesla
- Protocol: smtp
- Host: smtp.gmail.com
- Port: 587
- Username: [email protected]
- Password: Facebook005
Targets
- Target: 2.exe
- AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
- AgentTesla Payload
- Adds Run key to start application