General
-
Target
990b71c0e3c625ca07987bb97900f37d10a260df8585438c48e628541509632a.exe
-
Size
614KB
-
Sample
231202-jggglsae8y
-
MD5
b46f6470550e3030e8275df2442be14a
-
SHA1
5fb7530fbfd2e695837d75456efa6f0f8b72717e
-
SHA256
990b71c0e3c625ca07987bb97900f37d10a260df8585438c48e628541509632a
-
SHA512
a98452da58a0741451eee99d3cf432021e8dd00a7e33cd8970eeec174c97085118f7cad5a0bae320856a675aa7f873b1b270d2ce32ee9d46719c61f23074858d
-
SSDEEP
12288:mqfLYYZXTyDMs1RkbSvsPTtoqhTCEYkffrdwc4vSoEYM742HpxOQCxFr0N+:9XTkMgRogWTtoqh207e/Sp82HpxOvxFw
Static task
static1
Behavioral task
behavioral1
Sample
990b71c0e3c625ca07987bb97900f37d10a260df8585438c48e628541509632a.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
990b71c0e3c625ca07987bb97900f37d10a260df8585438c48e628541509632a.exe
Resource
win10v2004-20231127-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: us2.smtp.mailhostbox.com
Port: 587
Username: [email protected]
Password: EwQnrCo8
Email To: [email protected]
Targets
-
-
Target
990b71c0e3c625ca07987bb97900f37d10a260df8585438c48e628541509632a.exe
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Suspicious use of SetThreadContext
-