General
- Target: Curriculum Vitae Isabelle Ruiz.exe
- Size: 528KB
- Sample: 211203-te3beahaaj
- MD5: b9c846f96a3b2aaa41f5c012f67b2fd8
- SHA1: 91026299b14ed152fc4950c8ab9717ad25bb7a7e
- SHA256: 19a1cfb5ce0727dabbf328f2ce0c462b4c1f149a2e063e9902dc831d06a9523b
- SHA512: 453104cf191c2b97f9b9fa51650db4b7b141318020771a1c37a60f52fc64a8fdcf36583bebbc5459f9c82cbd87e1ebca134641ac57e7cfb43fc760a814008e31
Static task: static1
Behavioral task: behavioral1
- Sample: Curriculum Vitae Isabelle Ruiz.exe
- Resource: win7-en-20211104
Behavioral task: behavioral2
- Sample: Curriculum Vitae Isabelle Ruiz.exe
- Resource: win10-en-20211104
Malware Config
Extracted
agenttesla
- Protocol: smtp
- Host: smtp.martinaquatlc.com
- Port: 587
- Username: [email protected]
- Password: Oc^kUog2
Targets
- Target: Curriculum Vitae Isabelle Ruiz.exe
- AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
- Suspicious use of SetThreadContext