General
Target
6b81a4f41030c2b4c80db6589517a041d77e46e6f2a671dcface7a6591527eb2
Size
383KB
Sample
220521-elj13scedk
MD5
00fe0b29d3f119507579ac2e97025709
SHA1
edcfd4db2ad3b52f2df665a6790c10fd2843b285
SHA256
6b81a4f41030c2b4c80db6589517a041d77e46e6f2a671dcface7a6591527eb2
SHA512
9d3bff3127057f747074e0d8d0331325727d2ccf0e489b6c67d90f424cacfc20eea15521c5c9c2d8e1b6abcdc965672a37ee5afa157dc6b032f4f353a13069a5
Static task
static1
Behavioral task
behavioral1
Sample
Order Datasheet.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Order Datasheet.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.yandex.com
Port: 587
Username: [email protected]
Password: 2019conCT@
Targets
Target
Order Datasheet.exe
Size
450KB
MD5
d291cf735dafebc152901e05c6463b9d
SHA1
eb625af674af3d1212577fbc81429d1b7c5b12cb
SHA256
88166d5d3f0678216521dc60b9b2049b18758b512cf6aad12e2b32ed1add1072
SHA512
50dca285f3be559fd8c63346a5f7adb511d73745173c7e6df2cd9bd9d3ee363cc676690666f7c3867848ba1734e8579b1a424d14d9a7e37a1e599d238d4f17a6
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Accesses Microsoft Outlook profiles