General
-
Target
3072193fbb271c8400b427bfd22ac936.exe
-
Size
214KB
-
Sample
210616-ls4y56sy5e
-
MD5
3072193fbb271c8400b427bfd22ac936
-
SHA1
be521f536e9766c6faf840315c9bedab8501b023
-
SHA256
d696d93b0b75d1fcd1c14fddc65cbbd7fb96bf706a04a608174d9828b1e344da
-
SHA512
0e704c1fbb4b55d8d78edaa4b051d6188c27f6d1b44ebc14b755ea86e7f53b80bdba931926aa14e5419794475d017c0d36318c81ea52ace6220eca210cd8b877
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot1698102386:AAHWYbuf-rLmgfOsAgCnA_t8ncjPXSF5S8c/sendDocument
Targets
-
-
Target
3072193fbb271c8400b427bfd22ac936.exe
-
Size
214KB
-
MD5
3072193fbb271c8400b427bfd22ac936
-
SHA1
be521f536e9766c6faf840315c9bedab8501b023
-
SHA256
d696d93b0b75d1fcd1c14fddc65cbbd7fb96bf706a04a608174d9828b1e344da
-
SHA512
0e704c1fbb4b55d8d78edaa4b051d6188c27f6d1b44ebc14b755ea86e7f53b80bdba931926aa14e5419794475d017c0d36318c81ea52ace6220eca210cd8b877
Score7/10-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-