General
Target: d0b7df024c948eb8dff90089f6be45530d7a170574295048c284c24eab0ee763
Size: 395KB
Sample: 220520-3bn42sgeh7
MD5: 649f2727107d326922206dcbc8c605d0
SHA1: 5559fbb47e4dc9bd08ad552dd71f47312b53043c
SHA256: d0b7df024c948eb8dff90089f6be45530d7a170574295048c284c24eab0ee763
SHA512: 513a0c5357fbe61775433f61a952b220e0c56dbfe91e639cce6a53f4d38ca05a03653081d95f76d380c3d8d972c0dfd3150bdf55abc2de1723530cc4a7fb56f6
Static task: static1
Behavioral task: behavioral1
Sample: TNT SHIPMENT INVOICE DUE.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: TNT SHIPMENT INVOICE DUE.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.yandex.ru
Port: 587
Username: [email protected]
Password: solomon12345$$$1
Targets
Target: TNT SHIPMENT INVOICE DUE.exe
Size: 464KB
MD5: c4b78b3eb87e7bc1d8a4c369d62d5e6c
SHA1: 82735f4faa15954e1889a1b3bf8479dfbb4e9e65
SHA256: e3899b3b425be4765ef43c57d0a6716ead1c1580f7c5af481047e2cf0c412c7b
SHA512: 0c7f0436960421aceed4f6e262369e6d6f9cde7108a809acd2039168016b6187dd535f2f2d7a6a2a3dc99093d257f17043559c1d2e93926488c08816b04f90e7
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Accesses Microsoft Outlook profiles