General
-
Target
d2236a62c37222eab004fe29dff21926
-
Size
415KB
-
Sample
210726-bz56bnnlze
-
MD5
d2236a62c37222eab004fe29dff21926
-
SHA1
a810cb3272ed92c87190673df5150ce08034ab96
-
SHA256
d4be3ce81431208b9fd7abb34856c058fd899061e7090c6b4b97e199a45ef0f9
-
SHA512
b4a1753217b83c131984f207578c3b98bd0dc9417a2a89fd900203c31782c162256d92dc9e32d8029133730172111810c5f68accae8bcadba59e69b7d333ea11
Static task
static1
Behavioral task
behavioral1
Sample
d2236a62c37222eab004fe29dff21926.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
d2236a62c37222eab004fe29dff21926.exe
Resource
win10v20210408
Malware Config
Extracted
agenttesla
- Protocol: smtp
- Host: smtp.ccsp-india.com
- Port: 587
- Username: vehicle@ccsp-india.com
- Password: Lkp$CcsP1008
Targets
-
-
Target
d2236a62c37222eab004fe29dff21926
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla Payload
-
Suspicious use of SetThreadContext
-