General
-
Target
679e61e35641582d91f79ec97752b2a5
-
Size
835KB
-
Sample
210722-s4txrahby2
-
MD5
679e61e35641582d91f79ec97752b2a5
-
SHA1
14a6ff96de2f98b6898dd9597aee672207144da6
-
SHA256
676f6881fe4c71bf5f97091fa411d7ec1689f8c40383a2ffae9f84aaae442330
-
SHA512
0b42944cb34ca818b275becf3fd95699ea8aa3166774ede1f6971d899b21cac08790af8d510cfa624ee8d7e82637e785626c19d9f0d029f63558430dd1442cbc
Static task
static1
Behavioral task
behavioral1
Sample
679e61e35641582d91f79ec97752b2a5.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
679e61e35641582d91f79ec97752b2a5.exe
Resource
win10v20210408
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: webmail.shyamindofab.com
Port: 587
Username: [email protected]
Password: anurag#$486
Targets
-
Target
679e61e35641582d91f79ec97752b2a5
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla Payload
-
Suspicious use of SetThreadContext
-