General
Target: 53129cf39b6b180a20bef666da18f6ca
Size: 728KB
Sample: 210722-cyb5zcjmm2
MD5: 53129cf39b6b180a20bef666da18f6ca
SHA1: 62487b332736b0a29584e625e43c6822e7c60422
SHA256: 06798301d113e18d6e6ffe3321628911d604bbc65ff5b465986155abd29f09dc
SHA512: 3fc006f01cf7a179db4519d4b67e5be4edb5d92ca98cbf5545a9f399849018ffb83f0749ef8bb3dbb46b4eb1d481ecf7ec8c4ee5700b6f812527717949f3b8f0
Static task: static1
Behavioral task: behavioral1
Sample: 53129cf39b6b180a20bef666da18f6ca.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 53129cf39b6b180a20bef666da18f6ca.exe
Resource: win10v20210410
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.privateemail.com
Port: 587
Username: accounts@trialseqco-uk.icu
Password: NewMexcico@123
Targets
Target: 53129cf39b6b180a20bef666da18f6ca
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext