General
Target: platby.exe
Size: 214KB
Sample: 211021-phgrnaacd3
MD5: 65ad22c65090e03f073bf54ce23ec8bd
SHA1: cd86d774974fe82da4fcb08832688abcafd28b5e
SHA256: 6ac6c87e43bef00486e72f1646f6043c16b018bdc488c3d8bed474d50a799c38
SHA512: e379b10ea2741bb1287e40d2857fc71bdefc9c9ee6364c92d23e7b9fe20f6ce5334fa5f8abe4fe2fda1d2a6a753dcc6d717d632c0a03a1177218446e77d17d05
Static task: static1
Behavioral task: behavioral1
Sample: platby.exe
Resource: win7-en-20211014
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.fullmachinespa.cl
Port: 587
Username: mcortes@fullmachinespa.cl
Password: marcor2018
Targets
Target: platby.exe
Checks computer location settings
Looks up country code configured in the registry, likely geofence.