General
-
Target
6db288a6dbd0684c4978fa8efa113e733b8c670f04a3bf2ceebe9487ad379142_JC.exe
-
Size
2.3MB
-
Sample
230805-njtxyaca77
-
MD5
f9517124ea186fa125326ed4feb50da3
-
SHA1
a27b52a43913c3e5d2aeaf0997dbd991f67e52bd
-
SHA256
6db288a6dbd0684c4978fa8efa113e733b8c670f04a3bf2ceebe9487ad379142
-
SHA512
c931c49676cfe2d9cbec55c4691d69124521f1c11318c83dcb9142730b2d56758bcdbaeadf25df8713952d443157e15cec9a440e8d6295e52e9bbf20429fd4c9
-
SSDEEP
24576:i1aVYP+XpZ+8vSv5IGvshsGcuWVpzszn/HEeHKXNs9zyMNbYgzn45tsI0Y9uLSiF:7Zr+CWP47c9XNs9tFZn452jH/
Static task
static1
Behavioral task
behavioral1
Sample
6db288a6dbd0684c4978fa8efa113e733b8c670f04a3bf2ceebe9487ad379142_JC.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
6db288a6dbd0684c4978fa8efa113e733b8c670f04a3bf2ceebe9487ad379142_JC.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: gator3220.hostgator.com
Port: 587
Username: [email protected]
Password: TUKTUK55@@<<!
Email To: [email protected]
Targets
-
-
Target
6db288a6dbd0684c4978fa8efa113e733b8c670f04a3bf2ceebe9487ad379142_JC.exe
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Suspicious use of SetThreadContext
-