General
-
Target
17589e726e9a629be05b4a39848c3a399549b646c38bbe9ac4c301a261dacc8f
-
Size
888KB
-
Sample
221003-m8k6nadccn
-
MD5
25d6c4747284bf8489b1faa56a1ddd42
-
SHA1
49112625189085cdde41b13809efa60d3d26fc5a
-
SHA256
17589e726e9a629be05b4a39848c3a399549b646c38bbe9ac4c301a261dacc8f
-
SHA512
62c9f541b7db2be928de9678b050efe98769b573fbf4855ec343a78527618c4c63c7a0c3bd1fda26d9232dc27fd47bf254d6c4984f86d2397d4266c19f6216f9
-
SSDEEP
12288:zK4HTNfVv2SM15g7MW6ZWPVSmb33VqYs/+exRtOM7LXCtj:fv24MlQPPVqd/+e9OM+
Static task
static1
Behavioral task
behavioral1
Sample
17589e726e9a629be05b4a39848c3a399549b646c38bbe9ac4c301a261dacc8f.exe
Resource
win10-20220901-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.yandex.com
Port: 587
Username: viorel5000@yandex.ru
Password: YAWALESS123@@
Targets
-
-
Target
17589e726e9a629be05b4a39848c3a399549b646c38bbe9ac4c301a261dacc8f
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-