General
Target: 3ca56f33e059db8134afe2e7eede590ca04bea1c8bbf9feefd3b0ef234806833
Size: 553KB
Sample: 231205-vxd7zadf52
MD5: 706ebcdb89c9bf3aa7242fbfe24efa05
SHA1: 2e8076d44acc311d89c142c9524efa8529508fac
SHA256: 3ca56f33e059db8134afe2e7eede590ca04bea1c8bbf9feefd3b0ef234806833
SHA512: d9d8eed6944a68119b65c5476c8638039abfb2eed9cccce7dac4d104a5191568fb112a58c1ed6a14f3a8c2a652f2cbf1b818ecf9feaf9e7867f705a41548e00a
SSDEEP: 12288:s45+po2wdboAXsk08svUqCPKtGr7ne91etwWoNthcI:v+pJwd0+08XzKorK917W8
Static task
static1
Behavioral task
behavioral1
Sample
3ca56f33e059db8134afe2e7eede590ca04bea1c8bbf9feefd3b0ef234806833.exe
Resource
win7-20231130-en
Behavioral task
behavioral2
Sample
3ca56f33e059db8134afe2e7eede590ca04bea1c8bbf9feefd3b0ef234806833.exe
Resource
win10v2004-20231130-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: us2.smtp.mailhostbox.com
Port: 587
Username: [email protected]
Password: JUGCRsm9
Email To: [email protected]
Targets
Target
3ca56f33e059db8134afe2e7eede590ca04bea1c8bbf9feefd3b0ef234806833
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext