General
Target: URGENT REQUEST FOR QUOTATION.exe
Size: 721KB
Sample: 210722-1d8mpvrtne
MD5: 436f3797fc4c39d1a2319196bc15c1c3
SHA1: 1a93b32908c5def6129f192fd096f129ea575220
SHA256: f7b11103bbd791d5c2452275ff23fe51eff41ba5071ba015ef50672138c9b459
SHA512: b7322a3a65d5493df020b8746c3277511a103298fb8f985f8f13567b4967428cbd1d6f3071970c8e8bd027f071df808eea3d24f38f030f61bd3d256563292ce8
Static task: static1
Behavioral task: behavioral1
Sample: URGENT REQUEST FOR QUOTATION.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: URGENT REQUEST FOR QUOTATION.exe
Resource: win10v20210410
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: smtp.vivaldi.net
Port: 587
Username: [email protected]
Password: 23456789@@@@
Targets
Target: URGENT REQUEST FOR QUOTATION.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext