General
Target: SecuriteInfo.com.Win32.HacktoolX-gen.28418.13356.exe
Size: 1.1MB
Sample: 221205-syl8vsff9y
MD5: 9a0b108728953eb056acabd5838eb96f
SHA1: 30c00233cb6c7a838aaca427764daec8e8f861bc
SHA256: 1223d62bc266486dd7cae8cad10de9ef5b60fa1a7dd9113723613758d38845b8
SHA512: 2b0880aac549d13546daa3aee8087f3ece2f74be4e2817a0529e5a0ad6e38ff134606387f9df19a709b771bd772abc5ec55aba18ae829dd92599e48d9f50347a
SSDEEP: 24576:FYAMOoEzlK3c8wwmx4Q1xNBR4maitt4f8OSKwz7NGIm:FFoEOmuExNBOvKtGSKwfNa
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Win32.HacktoolX-gen.28418.13356.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Win32.HacktoolX-gen.28418.13356.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: us2.smtp.mailhostbox.com
Port: 587
Username: [email protected]
Password: bG^VamX7@@
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext