General
Target: tmpsizlv9u4
Size: 962KB
Sample: 230718-h8z8cshf51
MD5: 4cfe2fae86fb8cce535fbd2234b46c82
SHA1: 6ab470e2699bcd59ce5333343ed4980a6a82ac75
SHA256: c79294073204cc9a6fe6ed0559bc939ccca1cd4855603a2b62a480428af7a38e
SHA512: 1fc2a60ef8cda806e0a7008507654c5cb93759bdb20690e635a5c1cbb63850fb077726db641f914d039e51579cf4e0674b34882d53249eef9175e971769a90c6
SSDEEP: 24576:9k70TrcfEZKYEs67FIq9Wk95pbSwwp4JtW5Xj/x/+dprPgMPWEOkp:9kQTAfEZqsoFIOX3pbZwp4JtM/x/cYYd
Static task
static1
Behavioral tasks
behavioral1: tmpsizlv9u4.exe on win7-20230712-en
behavioral2: tmpsizlv9u4.exe on win10v2004-20230703-en
Malware Config
Extracted: agenttesla
Protocol: smtp
Host: mail.mbarieservicesltd.com
Port: 587
Username: [email protected]
Password: *o9H+18Q4%;M
Email To: [email protected]
These are the operator's exfiltration settings: harvested data is sent as mail over SMTP submission (port 587) to mail.mbarieservicesltd.com, authenticating with the listed account. The sender and recipient addresses are redacted in this copy of the report and cannot be recovered from it; the host, port and credentials are the usable network indicators for this sample.
Targets
Target: tmpsizlv9u4 (962KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
AgentTesla
Agent Tesla is a .NET-based remote access tool (RAT) and credential stealer, originally written in Visual Basic .NET. It harvests saved credentials and keystrokes and exfiltrates them, in this sample over SMTP using the extracted configuration above.
Signatures
- Accesses Microsoft Outlook profiles: reads stored Outlook account settings from the registry to steal mail credentials.
- Suspicious use of SetThreadContext: consistent with process hollowing (RunPE-style injection of the payload into a suspended process) rather than a legitimate use of the API.
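The following is an added example, not part of the sandbox report and not code from Agent Tesla or the sandbox vendor. It turns the extracted SMTP configuration and the two behavioural signatures above into detection logic and runs it over constructed telemetry. The event records, their field names (loosely modelled on Sysmon/EDR process, DNS, network and registry telemetry), the process paths and the self-spawn hollowing heuristic are all assumptions made for the example; the Outlook profile registry path is the standard location Outlook 2013 and later store account settings in.

```python
"""
Detection logic derived from an Agent Tesla sandbox report (added example).

Assumptions (hypothetical, not from the report): the event dicts, their field
names and the process paths are constructed; SetThreadContext is not visible in
Sysmon-style telemetry, so a process launching a second copy of its own image is
used as a proxy for the RunPE hollowing pattern.
"""
import re
from dataclasses import dataclass

# Config exactly as the report lists it; the redacted addresses are kept as-is.
EXTRACTED_CONFIG = """
Protocol: smtp
Host: mail.mbarieservicesltd.com
Port: 587
Username: [email protected]
Password: *o9H+18Q4%;M
Email To: [email protected]
"""

# Outlook 2013+ keeps per-profile account settings (and stored passwords) here.
OUTLOOK_PROFILE_RE = re.compile(
    r"\\Software\\Microsoft\\Office\\\d+\.\d+\\Outlook\\Profiles\\", re.IGNORECASE)


def parse_config(text: str) -> dict:
    """Parse 'Key: value' lines of an extracted config into a dict with lowercased keys."""
    cfg = {}
    for line in text.splitlines():
        if ":" in line:
            key, value = line.split(":", 1)
            cfg[key.strip().lower()] = value.strip()
    return cfg


@dataclass(frozen=True)
class Hit:
    rule: str
    detail: str


def detect(events: list, cfg: dict) -> list:
    """Return one Hit per event matching a rule derived from the report."""
    host = cfg["host"].lower()
    port = int(cfg["port"])
    hits = []
    for ev in events:
        kind = ev["type"]
        # DNS lookup of the exfiltration mailbox host.
        if kind == "dns" and ev.get("QueryName", "").lower() == host:
            hits.append(Hit("agenttesla_smtp_exfil_dns", ev["QueryName"]))
        # Outbound connection to the exfil host on the configured SMTP port.
        elif (kind == "netconn"
              and ev.get("DestinationHostname", "").lower() == host
              and int(ev.get("DestinationPort", 0)) == port):
            hits.append(Hit("agenttesla_smtp_exfil_conn",
                            f"{ev['Image']} -> {host}:{port}"))
        # Registry read under an Outlook profile (credential harvesting).
        elif kind == "regread" and OUTLOOK_PROFILE_RE.search(ev.get("TargetObject", "")):
            hits.append(Hit("outlook_profile_access", ev["TargetObject"]))
        # Proxy for hollowing (assumption): a process spawns its own image again.
        elif (kind == "procstart"
              and ev.get("Image", "").lower() == ev.get("ParentImage", "").lower()):
            hits.append(Hit("self_spawn_possible_hollowing", ev["Image"]))
    return hits


# Constructed events, not taken from the report: one benign launch, one self-spawn,
# one Outlook profile read, the DNS lookup and SMTP connection to the exfil host,
# and a benign mail client talking to its own provider on 587.
SAMPLE = r"C:\Users\victim\tmpsizlv9u4.exe"
SAMPLE_EVENTS = [
    {"type": "procstart", "Image": SAMPLE, "ParentImage": r"C:\Windows\explorer.exe"},
    {"type": "procstart", "Image": SAMPLE, "ParentImage": SAMPLE},
    {"type": "regread", "Image": SAMPLE, "TargetObject":
        r"HKCU\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook"
        r"\9375CFF0413111d3B88A00104B2A6676\00000002\Email"},
    {"type": "dns", "Image": SAMPLE, "QueryName": "mail.mbarieservicesltd.com"},
    {"type": "netconn", "Image": SAMPLE,
     "DestinationHostname": "MAIL.mbarieservicesltd.com", "DestinationPort": 587},
    {"type": "netconn", "Image": r"C:\Program Files\MailClient\mail.exe",
     "DestinationHostname": "smtp.example.net", "DestinationPort": 587},
]

if __name__ == "__main__":
    for hit in detect(SAMPLE_EVENTS, parse_config(EXTRACTED_CONFIG)):
        print(f"{hit.rule:32} {hit.detail}")
```

The network rules match on the hostname rather than an IP because the report gives only the host; resolve it at detection time rather than hard-coding an address that may rotate. The self-spawn rule is noisy on its own (updaters and installers do the same) and is meant to be combined with the other hits from the same process.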