General
Target: 9422b640677c3d7fd7676ad0072de592
Size: 1.1MB
Sample: 210726-9xbtbl8z26
MD5: 9422b640677c3d7fd7676ad0072de592
SHA1: 0eeb66a8bf9c69c40bcbb358575f0d31a576512d
SHA256: 616e1d5270aefda2c78d54b820bb56ddd9c8c051416228343eef39fa90a7826b
SHA512: 822521c0b56a2c9f7b563b2c0bed156048c4e2f9fdc2fb841c3e1b4e443c1a5b28df827fef1dbd96daea569368f41172953a70be64a0f9d7c665ee1682f483d2
Static task: static1
Behavioral task: behavioral1
Sample: 9422b640677c3d7fd7676ad0072de592.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 9422b640677c3d7fd7676ad0072de592.exe
Resource: win10v20210410
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.privateemail.com
Port: 587
Username: cjnew@cjserverlogs2021luck.xyz
Password: cjcurrent@5000
Targets
Target: 9422b640677c3d7fd7676ad0072de592
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext