General
Target: nyugta visszaigazoló másolat 07.22._
Size: 746KB
Sample: 210722-czc1nepnej
MD5: 0c0d8f79da9f793b34d7da040dc6dea8
SHA1: ac540956c02485fbe9fe7246ad5058728130abd4
SHA256: dfb1d3fe5395e4cd9728e77034c6b6f7f009c00e0a7270e83231cf8a2fbb9867
SHA512: a3ba009e9a873d4d9286896ddab0f5b8dbcb3358b430ac791b1609172023890b421332dfdd8e63ac58457b1c4a939e7a5bb6f7f322ad87bb64efd64522c1c233
Static task: static1
Behavioral task: behavioral1
Sample: nyugta visszaigazoló másolat 07.22._.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: nyugta visszaigazoló másolat 07.22._.exe
Resource: win10v20210408
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.grupoconvivium.mx
Port: 587
Username: [email protected]
Password: mad2015/
Targets
Target: nyugta visszaigazoló másolat 07.22._
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext