General
-
Target
370aa8e99d8347708a134cd677295f86faaca3f084c543b2f64b67ef5eeec780
-
Size
218KB
-
Sample
221127-gkqhkshb2y
-
MD5
4c6f58578488cb276a75b7045ab624cb
-
SHA1
c982469467c81a1c35643515efdab780bd36111a
-
SHA256
370aa8e99d8347708a134cd677295f86faaca3f084c543b2f64b67ef5eeec780
-
SHA512
816989945b35a2a4c76b4f0140122173c3437d12d9b1f1c49f5fb0c64fdc85efaa68854546553ac37740f1665c258ec436b536ef86e65e6d56d08612aac00ea5
-
SSDEEP
6144:OmaeZIUy3UNmW3AlI9jAMRrIT/qVkSrRZU:npDyS1HraqicU
Behavioral task
behavioral1
Sample
370aa8e99d8347708a134cd677295f86faaca3f084c543b2f64b67ef5eeec780.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: smtp.calmahogar.com
Port: 587
Username: [email protected]
Password: Analucas1000
Email To: [email protected]
Targets
-
-
Target
370aa8e99d8347708a134cd677295f86faaca3f084c543b2f64b67ef5eeec780
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-