General
- Target: frggg.exe
- Size: 124KB
- Sample: 220522-f4kwrsfgd5
- MD5: 427677a63ce7eb55195c330aecfcc139
- SHA1: 0a7bba3b85b4e54188e9f0056f91c01b4b56ae7c
- SHA256: 52b735ad78f481b5cf50e737fad29bfbf75037b5a56ee4c9d1183fad58fd39cf
- SHA512: 629526d7b5f720a242b5a39716c5b37193ad32869dce03694be078d1463db0923be379cd79f79b3c444fbbd2fae936a8d08e913fd233d3858d8f0c22fc2e7661
Static task: static1
Behavioral task: behavioral1
- Sample: frggg.exe
- Resource: win7-20220414-en
Behavioral task: behavioral2
- Sample: frggg.exe
- Resource: win10v2004-20220414-en
Malware Config
Extracted: agenttesla
- Protocol: smtp
- Host: mail.centraldefiltros.cl
- Port: 587
- Username: droidyandex@centraldefiltros.cl
- Password: icui4cu2@@
- Email To: droidyandexreports@centraldefiltros.cl
Targets
- Target: frggg.exe
Score: 10/10
- AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
- AgentTesla Payload
- Suspicious use of SetThreadContext