General
Target: d7fcb1276140c93adbec0de20aefc1e913755df61af986929067ecc940d35d7c
Size: 346KB
Sample: 220520-3qfq8accaq
MD5: 35405b18beae2f029b70b3a82f75b6c4
SHA1: bc3071e909907950b2f256881b6cbd7da44b9b19
SHA256: d7fcb1276140c93adbec0de20aefc1e913755df61af986929067ecc940d35d7c
SHA512: a9475d3857dace6ec4d1f17dd355fa779be041f4ff6734e930b9ac5d0655b769c8950fea122b6932344a593646dc9c96b18575a67c01245eff51752bfe350932
Static task: static1
Behavioral task: behavioral1
Sample: Order Confirmation.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: Order Confirmation.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.yandex.com
Port: 587
Username: [email protected]
Password: fabgenius12345
Targets
Target: Order Confirmation.exe
Size: 526KB
MD5: 016c990cfcda0bac9506e573739380ef
SHA1: 39eaa1414307997bdce479765b1e675271011326
SHA256: f29176c4750dc1c9b0fea97cdfd58064c7d7de2bc92884534c9f35dd11267f6a
SHA512: cb172c22a7922d9b11fd4396a7f882c7010d03a3d7b146970723cf2269fa8c0c742fd5b744d0f849eabf629f336e423bcda4b9c2ef2edc8076b5523250c03a47
AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Accesses Microsoft Outlook profiles