General
Target: 1224712c748f40bed496b240fc7b7f27e0377a1e9e3ba418df1bde7b51ce88b0
Size: 389KB
Sample: 220521-byardscfe8
MD5: 7aa1728f649457b47fcfa89d5c576fd9
SHA1: 214dcfaf886cba4c31c03949ba9125c9a05942b6
SHA256: 1224712c748f40bed496b240fc7b7f27e0377a1e9e3ba418df1bde7b51ce88b0
SHA512: a48d897409e1aac7ea85216699053c90bb40aaab8503dabb93c0e210ea7407dce9696055856a71e785e3868c63a78c43c46a1a5e140ba0b4996a4f6d4fc2982e
Static task: static1
Behavioral task: behavioral1
Sample: The details for your perusal.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: The details for your perusal.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
Family: agenttesla
Protocol: smtp
Host: smtp.net4india.com
Port: 587
Username: [email protected]
Password: computer@147
Targets
Target: The details for your perusal.exe
Size: 476KB
MD5: 4b99c5611817ec938b0075dfd8c94e4e
SHA1: 30ae1dfc319597f66854dc8e2a719a75e6e27381
SHA256: cb48dbab14d829d20075958b99f179cd774fcb41d105b28d3fac54dbe80639bb
SHA512: 6685b05dd40135eb892fdc114d547333a515bf4486cb216fec680f8637e3f9c0eda9914aa55dc4ff1990ebb81c8d2cd93f01cecbaddc6583fa5aed44519d0dd1
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext