General
Target: 90dd925b1990f66414717bf179f8c041.exe
Size: 940KB
Sample: 210721-491wxcq35n
MD5: 90dd925b1990f66414717bf179f8c041
SHA1: 7dbf76751d6eed6f84a3c17bea67ff8dc1cb3735
SHA256: 424c2b2020c57524e9478cc214bd98ec2abee1f3fb2fb7b2db54c5e90f877b18
SHA512: 3dfcf2955004657d74e78db86e1c01e1dfba97dcd76b534bd0afbb856f0ee3403a5b281098bbfd025ed99f8025407fb2362e795ad2f07ca905e17d2fbf69ce89
Static task: static1
Behavioral task: behavioral1
  Sample: 90dd925b1990f66414717bf179f8c041.exe
  Resource: win7v20210408
Behavioral task: behavioral2
  Sample: 90dd925b1990f66414717bf179f8c041.exe
  Resource: win10v20210410
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.hotelharmika.com
Port: 587
Username: [email protected]
Password: Playboy007
Targets
Target: 90dd925b1990f66414717bf179f8c041.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext