General
- Target: New inquiry - Qingdao Wisdom International Supply Chain Management Co Ltd.exe
- Size: 794KB
- Sample: 230327-pygrlafe5w
- MD5: 71cf68e20364b584bb08ea08f2d64b9b
- SHA1: 60402cf86e50c425e4852ee761c2d7650e76ba56
- SHA256: 920961f43c4590704b068fb3bd274325c966908e805f7994522ce173e7e4c0ec
- SHA512: 028d3267066b3da3e8f51fe957e2d6e2a9c71e7d713460e1831f1e3b1f18093d52e1155059aa8e65dc6c8ff8e70077c910d711f1a6222d3f0717130de124392a
- SSDEEP: 24576:WA5xZDunGsiJgD1iYpOe7A6R90HRYVuAMVn:H57unGsi61iYnMVn
Static task
- static1
Behavioral task
- behavioral1: New inquiry - Qingdao Wisdom International Supply Chain Management Co Ltd.exe (resource: win7-20230220-en)
Behavioral task
- behavioral2: New inquiry - Qingdao Wisdom International Supply Chain Management Co Ltd.exe (resource: win10v2004-20230220-en)
Malware Config
Extracted: agenttesla
- Protocol: smtp
- Host: us2.smtp.mailhostbox.com
- Port: 587
- Username: vmeee@kopamarine.xyz
- Password: LC%UjBd1badmanSacr@@
- Email To: vmeee@kopamarine.xyz
Targets
- Target: New inquiry - Qingdao Wisdom International Supply Chain Management Co Ltd.exe (794KB; hashes as listed under General)
- AgentTesla: Agent Tesla is a .NET-based remote access tool (RAT) and information stealer, originally written in Visual Basic .NET. The extracted config above is its exfiltration channel: stolen data is mailed over SMTP to the attacker-controlled mailbox, so the host, port and account are the network indicators to hunt for.
- Accesses Microsoft Outlook profiles (consistent with harvesting stored mail-client credentials)
- Suspicious use of SetThreadContext (an API commonly used for process hollowing, so the payload may run inside a legitimate-looking host process)
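The following is an added example, not part of the sandbox report: detection logic that runs over Sysmon Event ID 3 (network connection) records and flags the exfiltration pattern implied by the extracted config and the SetThreadContext signature. The C2 host, port and account values are taken from the report; the event lines, the file paths in them and the `MAIL_CLIENTS` allowlist are constructed assumptions for illustration. Because the sample may hollow a legitimate process, the connecting image name is not trusted on its own: the high-confidence rule is the match on the extracted SMTP host, and the weaker rule flags any SMTP-port connection from a process that is not a known mail client.

```python
"""Flag AgentTesla-style SMTP exfiltration in Sysmon Event ID 3 records.

Added example, not the sandbox's or the malware author's code. The C2
indicators come from the report's extracted config; the sample events,
paths and the mail-client allowlist are constructed for illustration.
"""
import json
import ntpath
from typing import List, Optional, Tuple

# Indicators taken from the report's extracted AgentTesla config.
C2_HOST = "us2.smtp.mailhostbox.com"
C2_PORT = 587
EXFIL_ACCOUNT = "vmeee@kopamarine.xyz"

# Ports on which a workstation process should rarely be speaking SMTP.
SMTP_PORTS = {25, 465, 587}
# Assumption: images allowed to talk SMTP on a workstation; tune per estate.
MAIL_CLIENTS = {"outlook.exe", "thunderbird.exe"}


def classify(event: dict) -> Optional[str]:
    """Return a verdict for one Sysmon Event ID 3 record, strongest first.

    "c2-host"       destination is the exfil host/port from the extracted config
    "smtp-non-mail" SMTP-port connection from a process that is not a mail client
    None            nothing of interest
    """
    port = int(event.get("DestinationPort", 0))
    host = (event.get("DestinationHostname") or "").lower().rstrip(".")
    image = ntpath.basename(event.get("Image", "")).lower()
    if host == C2_HOST and port == C2_PORT:
        return "c2-host"
    # Image name alone is weak evidence: a hollowed signed binary (the
    # SetThreadContext signature) would still carry a legitimate Image value.
    if port in SMTP_PORTS and image not in MAIL_CLIENTS:
        return "smtp-non-mail"
    return None


def scan(lines) -> List[Tuple[str, str, str, int]]:
    """Parse JSON-lines events and return (verdict, image, host, port) hits."""
    hits = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        verdict = classify(ev)
        if verdict:
            hits.append((verdict,
                         ntpath.basename(ev.get("Image", "")),
                         ev.get("DestinationHostname", ""),
                         int(ev.get("DestinationPort", 0))))
    return hits


# Constructed Sysmon Event ID 3 records (JSON lines); not real telemetry.
SAMPLE_EVENTS = r"""
{"EventID":3,"Image":"C:\\Users\\victim\\Downloads\\New inquiry.exe","DestinationHostname":"us2.smtp.mailhostbox.com","DestinationPort":"587"}
{"EventID":3,"Image":"C:\\Program Files\\Microsoft Office\\root\\Office16\\OUTLOOK.EXE","DestinationHostname":"smtp.office365.com","DestinationPort":"587"}
{"EventID":3,"Image":"C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\RegAsm.exe","DestinationHostname":"mail.example.net","DestinationPort":"587"}
{"EventID":3,"Image":"C:\\Program Files\\Mozilla Firefox\\firefox.exe","DestinationHostname":"example.com","DestinationPort":"443"}
"""

if __name__ == "__main__":
    for verdict, image, host, port in scan(SAMPLE_EVENTS.splitlines()):
        print(f"{verdict:14} {image} -> {host}:{port}")
```

The third constructed record uses a signed .NET utility purely as a stand-in for a hollowed host process; it is flagged by the weaker rule, which shows why an image-name allowlist must stay short and why the extracted host/port pair is the indicator to block and alert on.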