General
Target: 3496430927654_RFQ.zip
Size: 195KB
Sample: 210423-qekxn5nq7j
MD5: 55940c69f8300650ad0b4d4f062aa57e
SHA1: 64acc019a856a915e498cd2fe00e642305243c29
SHA256: bda17927cce16ab2c2324f3b95f3eb8a005399f325cfa07221fb3c4f9e7ed36b
SHA512: be22ca08def89b23326aa36ce63fb545e9de0b02938e6b1a582fc7b8c7e78bc0d8490f360bb82813e36bb34b91e909482f4f6ce4442f4005ee3fcb12e99f07de
Static task: static1
Behavioral task: behavioral1
Sample: 3496430927654_RFQ.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 3496430927654_RFQ.exe
Resource: win10v20210408
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: smtp.gmail.com
Port: 587
Username: fundingonly@gmail.com
Password: kinging22
Targets
Target: 3496430927654_RFQ.exe
Size: 571KB
MD5: 4acd37e21b5950fc28752481f0d2d8db
SHA1: 1b875e2f2b212604ab8d4891b164d6c0f42986a5
SHA256: 5849b64404a17d7613bf27259eba36ad479f4d3163cd73ae54073b281a0246e2
SHA512: 1dc70030462ae53711d1d50157dc8133bdec2be753ee701fecc6b8a4fb71fde8cc26cfc13bd426c6be92c5652b286dffd1e37250de09eb85914263fadfd3b774
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload