General
-
Target
7485025e551651edc1eb209f0b46891eedf97e651fc85016b2cc4afa922a5cb7
-
Size
278KB
-
Sample
220524-1p1znahbg9
-
MD5
e38375a3dca073b1ed055c36a6b7da2c
-
SHA1
93283442ff5c7eab6a8c20d176dc08c81963a09b
-
SHA256
7485025e551651edc1eb209f0b46891eedf97e651fc85016b2cc4afa922a5cb7
-
SHA512
73f34195ed5761cd511388a37b9d8620942f18a6e6d1c40b21cbb1487bb2725f70c3ad176d1ebc9574de3f7e5cc8ba63a6724b4142125f5ff46a5b59eb583b85
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
terminal6.veeblehosting.com - Port:
587 - Username:
bnt@a-t-mould.com - Password:
G$d9PPp@0eqq
Targets
-
-
Target
7485025e551651edc1eb209f0b46891eedf97e651fc85016b2cc4afa922a5cb7
-
Size
278KB
-
MD5
e38375a3dca073b1ed055c36a6b7da2c
-
SHA1
93283442ff5c7eab6a8c20d176dc08c81963a09b
-
SHA256
7485025e551651edc1eb209f0b46891eedf97e651fc85016b2cc4afa922a5cb7
-
SHA512
73f34195ed5761cd511388a37b9d8620942f18a6e6d1c40b21cbb1487bb2725f70c3ad176d1ebc9574de3f7e5cc8ba63a6724b4142125f5ff46a5b59eb583b85
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
AgentTesla Payload
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-