General
Target: 8f1b867615f0f773b24de6a6790ed08a6d49dcace18fdcb47fa6bbd576ef67f5
Size: 974KB
Sample: 220923-j5ctbsgbg9
MD5: 6062f9b9e8daa8530afa044d4b1ca0cf
SHA1: b7b8669b7963496b6b78828dfa7cd81e49e0dded
SHA256: 8f1b867615f0f773b24de6a6790ed08a6d49dcace18fdcb47fa6bbd576ef67f5
SHA512: fded6019eeed070aef7367439727ddf02a8f411b2b12f9704936d0bd0fdb2d622fbb9a10451af20410f50c43dccca8e5894947f6ac05729532782462cb3d639d
SSDEEP: 12288:ihLuyAHsq+XGeQmfwk63c/85r9jEU79yjJS3DVYrUlJp7Qepxlu1sZ:ihLuyyCGeQmfz8c/E1p1qAlvHZ
Static task: static1
Behavioral task: behavioral1
Sample: 8f1b867615f0f773b24de6a6790ed08a6d49dcace18fdcb47fa6bbd576ef67f5.exe
Resource: win10-20220812-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.yandex.com
Port: 587
Username: viorel5000@yandex.ru
Password: YAWALESS123@@
Targets
Target: 8f1b867615f0f773b24de6a6790ed08a6d49dcace18fdcb47fa6bbd576ef67f5
AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext