General
-
Target
198af255a94829adaf3922f0c123e0378c73607d044ada3eb86af5a7358129df.zip
-
Size
642KB
-
Sample
210624-xq8asrfzdx
-
MD5
38ab51870fda79609423783db09bd98f
-
SHA1
92bc7b25abc41591031711a036bda71450779661
-
SHA256
1452321ac76d7b39e67e4b280bef74311bd00eb614c2e7f97a033649ccbd4115
-
SHA512
5025f989ef9afbb69938899104b89076121735b872a004923bd654fbfd2438541096815ef886001c5813d42d3dc41661bd92a28223684968ad46c03dcc91a131
Static task
static1
Behavioral task
behavioral1
Sample
198af255a94829adaf3922f0c123e0378c73607d044ada3eb86af5a7358129df.exe
Resource
win10v20210410
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.campingcubillas.com
Port: 587
Username: desire@campingcubillas.com
Password: bkn27o425xp2
Targets
-
Target
198af255a94829adaf3922f0c123e0378c73607d044ada3eb86af5a7358129df
-
Size
723KB
-
MD5
6fc7cb62d3c44b6d28afbfa537c9bcbc
-
SHA1
d4105ddb2fe2051287525c3652470d40dae6f73d
-
SHA256
198af255a94829adaf3922f0c123e0378c73607d044ada3eb86af5a7358129df
-
SHA512
005ebc963720d47a1812f60a50d9bdf99fb53aa7fcd06650074235c48d276d02a4a0894492e37867d9cba1c0841b4c08d83f724082245bd3e3c55a1c9f41fda5
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla Payload
-
Suspicious use of SetThreadContext
-