General
-
Target
prbsbnk21nov11.pdf.exe
-
Size
214KB
-
Sample
211112-n985jsadep
-
MD5
fcd9a3c4fcaaa8b79160097217e72990
-
SHA1
1952f5b38218ea08e2efa6f00ef3537df675b805
-
SHA256
57bed7441de5b4e401bd3237d44b5fffcbc8ff4a88569959edea7573bdd13ded
-
SHA512
19e4ebe418d44fb3bcc848dc484a30961106af0204f2ffd20b57ea67cc618404c1a369d248971d3dc5f47d2e66cfeca98a94adec2d05f597b134229cb3e9f483
Static task
static1
Behavioral task
behavioral1
Sample
prbsbnk21nov11.pdf.exe
Resource
win7-en-20211104
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.meyaargroup.com
Port: 587
Username: info@meyaargroup.com
Password: Meyaar@123$
Targets
-
-
Target
prbsbnk21nov11.pdf.exe
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-