General
-
Target
PROFILE SULFERT 2021_pdf.rar
-
Size
594KB
-
Sample
210422-l96w1zbype
-
MD5
eaab9ac59fb0a7631ed6260f0be91bdf
-
SHA1
2ad16bf0927a78c9ae98c0cfbb80a43474ee62ad
-
SHA256
f73fd03534d33ba3fae1a599de9cae587a34fe060457fdab954e79a0ab2f52ff
-
SHA512
8ffe0269e05c54e798622776bcf35a11020832804fbaf3d98c3c85f006423f6a244bf52b6bb206e7683b7c0732cc551b7e650560e63ef4685603d7c327bf4a38
Static task
static1
Behavioral task
behavioral1
Sample
PROFILE SULFERT 2021_pdf.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
PROFILE SULFERT 2021_pdf.exe
Resource
win10v20210410
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.ilkimegitim.com
Port: 587
Username: savas@ilkimegitim.com
Password: Savas581
Targets
-
-
Target
PROFILE SULFERT 2021_pdf.exe
-
Size
919KB
-
MD5
091ea9575d227e96f6d5ed5765c1c91c
-
SHA1
414065616351035e663b101a0549d74bab83eff3
-
SHA256
f3b2b42ef8cec0923c1775d70e26d43577f386e0080b5e3215f608dd33e75313
-
SHA512
d6629254b26d6d53688580c8102eeddc23abc71d834519f068d19641a81e8e582204dc308d3defb38eeed132a9026187df6a3330782c7353ba9f0332f73953e6
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla Payload
-
Drops file in Drivers directory
-