General
-
Target
06e59d41e064fcbd15d3d5fac87fd3a37b13a552024d50b62876983117facaeb
-
Size
637KB
-
Sample
231205-dazrqahc28
-
MD5
a937c3f561fa168c6b6f1a1c14692f32
-
SHA1
8e94dfab8338958d142c0ecf8793a1db7beac7d4
-
SHA256
06e59d41e064fcbd15d3d5fac87fd3a37b13a552024d50b62876983117facaeb
-
SHA512
ccbb86415e47226c6c86c250cf5c7863eac1dc49f4237844f11ce7e48041310eeea172e6a249c7a163f08201b0937987052f5dbf1b70b89eeb2e051836d06e64
-
SSDEEP
12288:545+po2yUUbWmCh0ifwOBOnfHMzBqxHpNAiFJPPbGkNG:E+pJIOOHUBqxJvJPx
Static task
static1
Behavioral task
behavioral1
Sample
06e59d41e064fcbd15d3d5fac87fd3a37b13a552024d50b62876983117facaeb.exe
Resource
win7-20231130-en
Behavioral task
behavioral2
Sample
06e59d41e064fcbd15d3d5fac87fd3a37b13a552024d50b62876983117facaeb.exe
Resource
win10v2004-20231130-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
cp5ua.hyperhost.ua - Port:
587 - Username:
[email protected] - Password:
7213575aceACE@#$ - Email To:
[email protected]
Targets
-
-
Target
06e59d41e064fcbd15d3d5fac87fd3a37b13a552024d50b62876983117facaeb
-
Size
637KB
-
MD5
a937c3f561fa168c6b6f1a1c14692f32
-
SHA1
8e94dfab8338958d142c0ecf8793a1db7beac7d4
-
SHA256
06e59d41e064fcbd15d3d5fac87fd3a37b13a552024d50b62876983117facaeb
-
SHA512
ccbb86415e47226c6c86c250cf5c7863eac1dc49f4237844f11ce7e48041310eeea172e6a249c7a163f08201b0937987052f5dbf1b70b89eeb2e051836d06e64
-
SSDEEP
12288:545+po2yUUbWmCh0ifwOBOnfHMzBqxHpNAiFJPPbGkNG:E+pJIOOHUBqxJvJPx
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-