General
Target: 21209e5d69c7b8b10a005292374881f0971f22901c78a2c20b6814339dce569f.exe
Size: 210KB
Sample: 220521-3mysmahbep
MD5: 687124fe17f1e854c68d778f01eb0f3c
SHA1: c869f506f7532598f316ca04d43051b73936c6cc
SHA256: 21209e5d69c7b8b10a005292374881f0971f22901c78a2c20b6814339dce569f
SHA512: 23cb6e8588613ec0411cdaa91203f37c3a2534a9e222b300ab39903324894285caaf270540c92ea7d532a7c08e28ba6475e2cbbc36b5407d11307c61c20652b6
Static task
static1
Behavioral task
behavioral1
Sample
21209e5d69c7b8b10a005292374881f0971f22901c78a2c20b6814339dce569f.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
21209e5d69c7b8b10a005292374881f0971f22901c78a2c20b6814339dce569f.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.tejarathotel.af
Port: 587
Username: info@tejarathotel.af
Password: Kabirzad@4022#
Email To: ranjqnupreti3@gmail.com
Targets
- AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
- Drops file in Drivers directory
- Accesses Microsoft Outlook profiles
- Adds Run key to start application