General
Target
409d12a5b0e51035cbc0150762491840fb8265f3d4ecc82bd8545f336a9c0ea8
Size
463KB
Sample
220521-aypd4seabm
MD5
4e8035bfd49f441a0e32c85a3c96f36e
SHA1
5fad2e695e545cede8d476c61f50aa6db1c60d6a
SHA256
409d12a5b0e51035cbc0150762491840fb8265f3d4ecc82bd8545f336a9c0ea8
SHA512
00d5a63057e15ef50f55c7bab9f55b7416769276bda4816edb1f06fdac0c19ca88851b5392390621c7d83acc7ab444112d47b0ff6ad46586c520f6078a95ee2e
Static task
static1
Behavioral task
behavioral1
Sample
EQUIPMENT SCHEDULE.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
EQUIPMENT SCHEDULE.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
Protocol: smtp
Host: Smtp.yandex.ru
Port: 587
Username: [email protected]
Password: Alibaba1
Targets
Target
EQUIPMENT SCHEDULE.exe
Size
715KB
MD5
fc65a5a3bd2125f3139bc62bf1022861
SHA1
30452e8eddb86a9a6221878a9dafb613755503d7
SHA256
faad832bfb6f193e546aad045e0d90ff28f4b7c60bf0e711a7f5ff8b90fc5039
SHA512
199cfc53790460c8b920fec7b55519b9b3f0c9df0b689f7c3e8d504f04cce0ec0aa6beed6c194c966add95914797fd958e4fae7719bc28df764854ee99b61c3c
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Accesses Microsoft Outlook profiles