General
Target: BIT4A6E.tmp.zip
Size: 540KB
Sample: 210721-dnzhmntkpn
MD5: b34f02f52a7bc8b83ddb248af559e8c3
SHA1: 6b57a0958642b4fe63f4a6eeac2c983edf071caf
SHA256: cc461e423702a06117dfc7aa067739c6c05d352d73f8f2711dd379b631578183
SHA512: b5df7739d7d9d5eb3e38a3f635b556b71092b412a553cf5bf420646dbf50d19c45e0c05bfd7945fbe187e3969d44db3ba95c89536cc9e64df08b8fc803b26fc2
Static task: static1
Behavioral task: behavioral1
  Sample: BIT4A6E.tmp.exe
  Resource: win7v20210408
Behavioral task: behavioral2
  Sample: BIT4A6E.tmp.exe
  Resource: win10v20210410
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.logoffices.com
Port: 587
Username: [email protected]
Password: !=T?xaXTd$kh
Targets
Target: BIT4A6E.tmp
Size: 791KB
MD5: 727c8d700024c3c8d907cc07cbf3cb91
SHA1: 3c62dbbdb72f2cab6d41a16f1227bad9b6834234
SHA256: 3402c4d1af55c094b51aeb5318e83178b16e03125cd913d1ecfcd22e4708461d
SHA512: 52dc25209c6edfa525ddb51060f96da3d536208e73745cbe392f1e61fc025898de21a76a0adae8a775a6d13f12aa84f97f6e8acc8e82fb258bf5410843972db1
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext