General
Target: PO#55442676.exe
Size: 860KB
Sample: 210727-4vsa8c6bj6
MD5: 12461631c81fa8e11f62afdad7d24be8
SHA1: d8b6b589cc02a865af24f4ae87a2d4ea6b4ae4f6
SHA256: 77d4db3d0d8be6fee0817f5d835f0c904649d78078e6c78b2d7c224026fed3b3
SHA512: 86be5061fc9d8bb750d5026932866380a08994946ddad29cd30ef784be284a68ed4c0bdf600356841d88d0ce01576640b3fd62df3fc401ccba67efb2deb16ce4
Static task: static1
Behavioral task: behavioral1
Sample: PO#55442676.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: PO#55442676.exe
Resource: win10v20210410
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: smtp.vivaldi.net
Port: 587
Username: chinalee@vivaldi.net
Password: chinalee2020
Targets
Target: PO#55442676.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload