General
-
Target
SWIFT_987867T8E.exe
-
Size
1.1MB
-
Sample
210727-2rzybyf34j
-
MD5
e7e6dd904cf4e8914173e3c1144d457f
-
SHA1
da2e7749856bb874dab798c6e73d643f2751250a
-
SHA256
3ff843810cdddb3d63f8c88302b5b37293a28b5bdd5d71193851c312d2abcd28
-
SHA512
8e9d6f764037476f9244b08fbff9389b66ff5bf4a0104241414041421f56c164a2704ba7bc4b8b515305527df76103ac5ab61540cdf8e804fe92243bdc0d2f42
Static task
static1
Behavioral task
behavioral1
Sample
SWIFT_987867T8E.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
SWIFT_987867T8E.exe
Resource
win10v20210408
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
smtp.vivaldi.net - Port:
587 - Username:
rexsativa@vivaldi.net - Password:
panosoktenio@gmail.com
Targets
-
-
Target
SWIFT_987867T8E.exe
-
Size
1.1MB
-
MD5
e7e6dd904cf4e8914173e3c1144d457f
-
SHA1
da2e7749856bb874dab798c6e73d643f2751250a
-
SHA256
3ff843810cdddb3d63f8c88302b5b37293a28b5bdd5d71193851c312d2abcd28
-
SHA512
8e9d6f764037476f9244b08fbff9389b66ff5bf4a0104241414041421f56c164a2704ba7bc4b8b515305527df76103ac5ab61540cdf8e804fe92243bdc0d2f42
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
AgentTesla Payload
-
Suspicious use of SetThreadContext
-