General
Target: URGENT REQUEST.exe
Size: 64KB
Sample: 230206-r5ayqshf9w
MD5: 3031228682ee992a8c75b0b7e767b794
SHA1: c0beabc62747ee62fbb05eb35284cc382a9a25fe
SHA256: 2b7d52cff6d8153c70e007f4b88b38788b6205144cb65c60b76272dc838acc8b
SHA512: 4fbadca7a43b04946afab52fd39e7de1ce34677d93316ff1f471105331af29e9787979fd6a6c3be2e1d6be0253fbd2b67c6f5963b618ebdeec030a77e49254aa
SSDEEP: 768:EkOyF9AKzI19Nn7cx4vn+vEqMtpYYkhN40LO6dusn04eF:xOe9AA49Nn7cxgMEqMt8N40ymuL3F
Static task: static1
Behavioral task: behavioral1
Sample: URGENT REQUEST.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: URGENT REQUEST.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: focuzpartsmart.com
Port: 587
Username: johnsonpc@focuzpartsmart.com
Password: FpmJhn@2023
Email To: decenmomodou20@gmail.com
Targets
Target: URGENT REQUEST.exe
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext