General
Target: 3e91f5b4e43be25be923a3571376ced44a411b52cfed1d0d59c6e89ec357206e
Size: 1.2MB
Sample: 220521-d6f99abhem
MD5: 3b5baf1b8c59f3f525af8e5a0aea4847
SHA1: 545dbd61047693f430e6db927815a35aed9607a8
SHA256: 3e91f5b4e43be25be923a3571376ced44a411b52cfed1d0d59c6e89ec357206e
SHA512: 8c5a9cae9bd33443e6baaefb340f7efb3cd6de75e1a7f42c4f4a3099eaca03aa1f8794a14aa2afe562496318fe4a9efda74776225a0cf3ed602bfdeddb4e9a6d
Static task: static1
Behavioral task: behavioral1
Sample: RAW.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: RAW.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
Protocol: smtp
Host: gaia-toursjo.com
Port: 587
Username: [email protected]
Password: X60x5Z@A
Targets
Target: RAW.EXE
Size: 302KB
MD5: ffb8b0550bb87579df05a4ff9c8267d8
SHA1: 92976dd61b2ae7786794127d4fc4c232035ea341
SHA256: b2d1cdc0ec47efacde37d66c1b9f38fc25bbbafd0538080e0949750f841117db
SHA512: 29334a7f28dd74537d6e791d5e79875473a99be6c503fc68ba11998d380afcb1f451013db0655c4e4375570bba2614c9795d1620af8e37721ea838959f2b0cf3
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Accesses Microsoft Outlook profiles