General
-
Target
693f1fea27c05fd53c8d5bfb0d51da40f1d337fccc2f81b090b0ce92b36c14a5
-
Size
370KB
-
Sample
220521-bawc7abfb2
-
MD5
a734c3a4a2f35f515548277bf05bbf3e
-
SHA1
dfc2a4e352f8d1f1e3b6d69ffbfda6b461021cff
-
SHA256
693f1fea27c05fd53c8d5bfb0d51da40f1d337fccc2f81b090b0ce92b36c14a5
-
SHA512
f96812649c61c134af39ba5c6a631b99bd6fcdde15e913438ac90c760d852e2aa671054b3cbe834fa32944a04336dd4e8ea50da38eda8ad3a3a6d6c29e59c713
Static task
static1
Behavioral task
behavioral1
Sample
Quotation655511048786549..exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Quotation655511048786549..exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.privateemail.com
Port: 587
Username: [email protected]
Password: mmm777
Targets
-
-
Target
Quotation655511048786549..exe
-
Size
422KB
-
MD5
7fa97016462d711791fd3b3dd16f0205
-
SHA1
1463aca8f64724d51b691a96d0f94a611ddd7d7c
-
SHA256
c99d0b434418dcf5e39b3389aebabfd10bd9920e5ca670bdedc08dbd0832dee2
-
SHA512
7b94a0df90caf98cd66485063cf93a7548997fc76ef8454462af3e7de00d4baab0b9e4e12b09cf758dbd8cd4259a8d4b8f62c9b69d5683e131d2dfa480f8a1d1
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla Payload
-
Suspicious use of SetThreadContext
-