General
-
Target
Ltd-2PKGS 702KGS 1.44CBM-2023-01-17-160-53565805 DEL.exe
-
Size
1.0MB
-
Sample
230403-qaxnksge5w
-
MD5
925c0f515da9a950aae271a82493441b
-
SHA1
6e353faae64a5d487497105d476de60c33b310d1
-
SHA256
5be19a526bc4d972b4ce0ea323a03f8f364b22363c25c7f6250ffaf7904b90c6
-
SHA512
a152cf8b2fc75b4cfae5cc0206d348f2420179d976b1a12cfff00ca1dfc700dc40985f923c145da8917e99b379aee4166bcb14c398cfbc9f22b8bbdf089da10c
-
SSDEEP
12288:1tPVSOmCLjZ8yywVjfiqM9gd5fGTntwLi76+JGV8jZVnDTDkym3qJGF+Jl1KlYNJ:LUOmC/gwVbxM9s2tyFVo
Static task
static1
Behavioral task
behavioral1
Sample
Ltd-2PKGS 702KGS 1.44CBM-2023-01-17-160-53565805 DEL.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Ltd-2PKGS 702KGS 1.44CBM-2023-01-17-160-53565805 DEL.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
agenttesla
- Protocol: smtp
- Host: mail.expertsconsultgh.co
- Port: 587
- Username: [email protected]
- Password: Oppong.2012
- Email To: [email protected]
Targets
-
-
Target
Ltd-2PKGS 702KGS 1.44CBM-2023-01-17-160-53565805 DEL.exe
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-