General
-
Target
e3806a664de87b3602e09a2e30937ec1f33297b2ac979be0cea96f4da7867db8
-
Size
397KB
-
Sample
220520-3m72ashbg2
-
MD5
9de2e180adcdc1dc4e8258766522ec4d
-
SHA1
01f9c9f224373fda4f6a20f38b7c91f2367a39ad
-
SHA256
e3806a664de87b3602e09a2e30937ec1f33297b2ac979be0cea96f4da7867db8
-
SHA512
9a496fd17f7631ac0a2aa7f3ff447be321abeefaa052e4af48144da02210ec060779452d5b8f64571d2dc5d0ad5666fe7f189bf4898558c5d3bb78ed6b4cac7e
Static task
static1
Behavioral task
behavioral1
Sample
payment099.img.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
payment099.img.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
Protocol: smtp- Host:
smtp.yandex.ru - Port:
587 - Username:
[email protected] - Password:
solomon12345$$$1
Targets
-
-
Target
payment099.img.exe
-
Size
451KB
-
MD5
7a5fd5ee60f3cb1821ed28b7ef23817b
-
SHA1
84a414b566a91ce779f507630a1555a13eeaa3a9
-
SHA256
dacfabf248226bbd129541f002eb53cfc0855334d87e1e148141c32a7b231a52
-
SHA512
8398c3375bfba30cc6fbd4417fe071e3f84b111477a9638315939f3a59014682eb5d1034fef7e96ce58ce50d0d8f02a434a4aa9c65fbc552875756ff537a1316
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
AgentTesla Payload
-
Accesses Microsoft Outlook profiles
-