General
Target: bee7335822adad100e62824cc28283de9513e8d3141752a7f52a0cbe8b2f0342
Size: 388KB
Sample: 220521-b2dmfscha3
MD5: 54ea8a84f32926bccd4d9371aa32a2a7
SHA1: 38c3a0d14279074d63ccd5a4edf915d87636d365
SHA256: bee7335822adad100e62824cc28283de9513e8d3141752a7f52a0cbe8b2f0342
SHA512: b18c3187223d5ef59201d80f7e3fae59e7658b4de3e3532193c9bd5ca1758946f7a4e0a64dfaa7409c0e77b04f5419c156f874d581980fe55e34257f5f818841
Static task: static1
Behavioral task: behavioral1
Sample: bee7335822adad100e62824cc28283de9513e8d3141752a7f52a0cbe8b2f0342.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: bee7335822adad100e62824cc28283de9513e8d3141752a7f52a0cbe8b2f0342.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
Family: agenttesla
Protocol: smtp
Host: smtp.megaworldcorps.com
Port: 587
Username: [email protected]
Password: UBx@@re1
Targets
Target: bee7335822adad100e62824cc28283de9513e8d3141752a7f52a0cbe8b2f0342
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext