General
Target: 80e4387f16af71a0e195b660788e7a46
Size: 754KB
Sample: 210726-dthl22f6za
MD5: 80e4387f16af71a0e195b660788e7a46
SHA1: 28d031ced02385ce7a5c817a6df5d6352e70d90f
SHA256: addcf96b8f245d197cc999bef98684c34c168f247b77f09de3b0be50200b553c
SHA512: 1d9a4ebe30e0c2c20e057071d6b000160fd89e45139bbd7f8015971f833b5a48bca39731bbb3dfa2223a4f80e0b99679cc991b5edfcba62d2b29b0060571baef
Static task: static1
Behavioral task: behavioral1
Sample: 80e4387f16af71a0e195b660788e7a46.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 80e4387f16af71a0e195b660788e7a46.exe
Resource: win10v20210408
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.privateemail.com
Port: 587
Username: cjnew@cjserverlogs2021luck.xyz
Password: cjcurrent@5000
Targets
Target: 80e4387f16af71a0e195b660788e7a46
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Suspicious use of SetThreadContext