General
-
Target
Technical Datasheet.exe
-
Size
714KB
-
Sample
230403-s8r7vsff92
-
MD5
247f3b0bca91d926a4c89fb8f730e5e2
-
SHA1
82b18f874db86a8d3e4877c1904948592897761f
-
SHA256
2a2c485b35334153b9fa9f373dce72eed4f1d2dd4c0652760b8185cbad5ba0aa
-
SHA512
3b9696407c2d7b5517da2bde36dd26892c620254496a55c550bbf1fee1118938df3665eb2aee20df0d1bf860af297377d94c0f8bbdca880a9442bbc4d9b40bc9
-
SSDEEP
12288:45CBWKdq1FbwwJLwrRq1JsQT2aRtB55fSAAEwvfLZpV7I+OgEUDwwGXwRbqz:LfrpFcf2aRtBj2Tdpa9GUWbqz
Static task
static1
Behavioral task
behavioral1
Sample
Technical Datasheet.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Technical Datasheet.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
agenttesla
Protocol: ftp
Host: ftp://ftp.dutygroup.com.br
Port: 21
Username: [email protected]
Password: MelayeResults23@
Targets
-
-
Target
Technical Datasheet.exe
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-