General
Target
_PO NO 16670,16671,16672.gz
Size
579KB
Sample
210423-jzyw1q1agn
MD5
918653aaa65aa4a72c4ca8833fc974a1
SHA1
76a2c83a01a430d2481d8ba0dcf933dd882b6348
SHA256
8858d58aa00f3a59e599698f4498162684a4b3f44eef47d12aeb0e3ea9bf6fcd
SHA512
3b38e7ad597ab910671208206c8665b3ef05ce236517e939cc9f4866187108f8c27a58b6fe75350c0de5fc38d04216b81ba0ad866eef6348e744ced11131e5f3
Static task
static1
Behavioral task
behavioral1
Sample
PO NO 16670,16671,16672.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
PO NO 16670,16671,16672.exe
Resource
win10v20210410
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: smtp.tph-buasysteme.com
Port: 587
Username: d.furchtmann@tph-buasysteme.com
Password: kApkjKY8
Targets
Target
PO NO 16670,16671,16672.exe
Size
876KB
MD5
4b2da32775bb69ef313a77ed01c63ca5
SHA1
0f50b7d0721304ccf5c02a23da6a640980b2a24f
SHA256
e2ea537c8c7c8b76704a156bbf478fedb4464a9bc4dbd1468938c29c8e8b4ea9
SHA512
c1259c26ce296e18acfece290b771fcdf01dc47ee2074fd129da0a684f65ba2fb7b250e1a2685e50600faedbf7dd2ca6905e00aefcc82b37ac5bafc7421a2f2a
Score
10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload