General
Target: f84e1ddd1f5e92bc3725b6fa26995d9e777af932a9606d2d330910fb889e484c
Size: 663KB
Sample: 220520-3jj53ahab5
MD5: 93ba191cdf48ab64049a6da271bc230a
SHA1: 04682dbc0f7e180a31078c9d5fe21e522a1a3a26
SHA256: f84e1ddd1f5e92bc3725b6fa26995d9e777af932a9606d2d330910fb889e484c
SHA512: 16ee549a5202d90c953c888b30925b2166339cbf9e086d996395d2ebae3f264b18b3cc4652c148995151177cbd0b17faf51476e01b0075f5ec54a2e339169442
Static task: static1
Behavioral task: behavioral1
Sample: Order Confirmations_PRQ0000272..pdf.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: Order Confirmations_PRQ0000272..pdf.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.yandex.com
Port: 587
Username: [email protected]
Password: amazinggrace12345
Targets
Target: Order Confirmations_PRQ0000272..pdf.exe
Size: 858KB
MD5: 6fe031aaeb639e0070ce96f08e1a153e
SHA1: 80e8e539bde4cf821a3fc0ff6fa7de102197aa8f
SHA256: 704220677dd9e9977a092054efcfb14c15993cb62cf230d312f89536b385c90a
SHA512: 96a002c30670c5e808931fd47695137488847269732e83d932bf778dcf03187d95a328188f22903c3c81dc8ea131ffa0b3f321d4290c1e8bddb3dd0c0bfac1c0
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Accesses Microsoft Outlook profiles