General
-
Target
fcf545c44ad99d243f3f2be37b7451972b43a476736838573f538512be8a9327
-
Size
760KB
-
Sample
231205-v3e2fsdg77
-
MD5
9bb9279cb7f17624c529a68ac76b7a70
-
SHA1
ac572ffbb4cc772cbdc799d0a1386225505f9aba
-
SHA256
fcf545c44ad99d243f3f2be37b7451972b43a476736838573f538512be8a9327
-
SHA512
659c99b984d09fe37adbf655c8126d393992521385ee3011bcfdde2aee9797cb68f6159c32ffc09d5aefd43b1e0e65ccb5ecb3d055f5873435eb21b76080c1dd
-
SSDEEP
12288:PaF9IxpDcwlfy+09rOgfauhovWNWsCoL/8r08epn503YcG9Tude7cXf7RaeZeYv:iF90powYOK+eNWXo4rE5nh7wfdaeR
Static task
static1
Behavioral task
behavioral1
Sample
Documents as requested.bat
Resource
win7-20231201-en
Behavioral task
behavioral2
Sample
Documents as requested.bat
Resource
win10v2004-20231127-en
Malware Config
Extracted
agenttesla
Protocol: ftp
Host: ftp://files.000webhost.com
Port: 21
Username: tain00
Password: computer@2020
Targets
-
Target
Documents as requested.bat
-
Size
1006KB
-
MD5
171e778657c7295e85e8300f360cb8f3
-
SHA1
514c680ac7eff0d76b0c3ab4a8843aaded52864b
-
SHA256
79261cedc12a63f6a3ee3bb58e45823a27b8a874975a095f6a875836a6bdda45
-
SHA512
de2537391585cc7f0124460a81f78bd771f60608228fe19bb564cf44a649693f752465fe82e9cd7edd255361f2b968766da919357088a5624149f12bc7caaf04
-
SSDEEP
24576:kxzN/hRdkbOXdtw3hQxSKXRMUMerPAY0OiXkXdsLg:klLwRkzyTe0SMg
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Executes dropped EXE
-