General
- Target: Frozen Seafood Specification BT vannamei shrimps mackerel supply data RFQ 3FCL 0086211052021.exe
- Size: 940KB
- Sample: 210511-mlx1wwwl5j
- MD5: 4239f6a01b20697056527dc5c5b33794
- SHA1: 8c535c57e02423dd83f38225f0a2fbf517c558ea
- SHA256: d5c6e817e81a13cd55bf34551de9665821e3402bd4aa8c25ef302044502dc509
- SHA512: 2792430bf7160e0067861dfc0e246048e035113af39f426ef4dd59b825bc610fb1cdcd83e70ae9d466d0b4cf65eade4c5eccb8bc8f7cac5c67417f7417c64aca
Static task
static1
Behavioral task
behavioral1
Sample
Frozen Seafood Specification BT vannamei shrimps mackerel supply data RFQ 3FCL 0086211052021.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
Frozen Seafood Specification BT vannamei shrimps mackerel supply data RFQ 3FCL 0086211052021.exe
Resource
win10v20210410
Malware Config
Extracted
agenttesla
- Protocol: smtp
- Host: mail.corroshield.co.id
- Port: 587
- Username: procurement@corroshield.co.id
- Password: kramatjati1945
Targets
- Target: Frozen Seafood Specification BT vannamei shrimps mackerel supply data RFQ 3FCL 0086211052021.exe
Score: 10/10
- AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
- AgentTesla Payload
- Suspicious use of SetThreadContext