General
Target: 5e66c20c223b8906a004d5cb856118261f5bcd26db8c82c51eeeefaebfab2bad
Size: 306KB
Sample: 220520-2gxgyafcg7
MD5: 18ae536ce056d7120d96e489142f24e5
SHA1: c7c63e3d8ed699621f70115bb2ea5f5120469334
SHA256: 5e66c20c223b8906a004d5cb856118261f5bcd26db8c82c51eeeefaebfab2bad
SHA512: d5002427ab6b4830d28a611230c954719fc1a1172e4c8b017d2beacd8531d51c0f18f70f9a3ed90dcc15d45b962f8280a910372cc26967b028554730381f6b52
Static task: static1
Behavioral task: behavioral1
Sample: sheet Order.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: sheet Order.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.yandex.ru
Port: 587
Username: [email protected]
Password: solomon12345$$$1
Targets
Target: sheet Order.exe
Size: 324KB
MD5: be0e5ec452c3521a9c335564f386110f
SHA1: d7a37c4821ec8a252b84354d98ca0437d94c3055
SHA256: 9d7e42c747de8d1f950c5fb27e4bee452d41140969f7a3af1da9e20e7fde6613
SHA512: 80bc1049ce5b41d0b6e9a5c242444c78cafdd70c13934956ae67daba70871b1b8117a13d77c4633b95f883a4a123a974ee13edbb2088bbe7bbc204fce20afc79
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Accesses Microsoft Outlook profiles