General
Target: c120d83996095eedead9140b82cc6b3d4c9830ffdbacaf36f617ddae1724a2ce
Size: 380KB
Sample: 220521-n1lynaede7
MD5: 559d0d5765da4be29c548d4b666090ef
SHA1: db875577cc588e92cd78cd0f67bfd5c1cef15bda
SHA256: c120d83996095eedead9140b82cc6b3d4c9830ffdbacaf36f617ddae1724a2ce
SHA512: e28c99834efedb8d2e6fe497e08834b392b44cb0a6b4ebdc128615d579a55e5824e5f47f8beb9cceea4c4f4474133e79cd44c77eccf15f60f2803c8355e791ac
Static task: static1
Behavioral task: behavioral1
Sample: Order Datasheet1.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: Order Datasheet1.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.yandex.com
Port: 587
Username: xyzax@yandex.com
Password: 2019conCT@
Targets
Target: Order Datasheet1.exe
Size: 439KB
MD5: 7c8d1cf6bf7fc5f5b9c691137dc1cdec
SHA1: 3c29c19f62fcacdbf24e5a08292edbbb606e5fa0
SHA256: f7dae6aa22f674d7053f544bf8c3649ccac4a80c439a65ddc50ee12fda9e02c1
SHA512: 29ccf08dbfe60eca3ff82970b6d4742f0c66c55524f881571ca23dc22376ddc789d169e1a21f6b16f605b23cbfb39d378be1d0085dbee7f92c97bde905bb17af
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
AgentTesla Payload
Accesses Microsoft Outlook profiles