General
-
Target
2992b737cc487bae341eee8c6b11377b5baaace7ee2904ba6e4c91c542f1a515exe.exe
-
Size
883KB
-
Sample
231207-x7w7mseg78
-
MD5
db1f3dcaf38e21694f56bbe0bda7f65d
-
SHA1
da91c43d51e1a2f70cd5211a88de5ed7e38efbb7
-
SHA256
2992b737cc487bae341eee8c6b11377b5baaace7ee2904ba6e4c91c542f1a515
-
SHA512
d100b8b4b87f83f64bcfeda23e0fa077be8476ee9ec8d941332939f5824eae70fc76d037b22f3018168c185dc472f82a3ecdd906e38a62b13e451ddec6154db1
-
SSDEEP
24576:W/Le7eGlPG3CfUWrcKh1bnTysQnjTItqb1q:Wa7eGRfdNhKAtn
Static task
static1
Behavioral task
behavioral1
Sample
2992b737cc487bae341eee8c6b11377b5baaace7ee2904ba6e4c91c542f1a515exe.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2992b737cc487bae341eee8c6b11377b5baaace7ee2904ba6e4c91c542f1a515exe.exe
Resource
win10v2004-20231130-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.bezzleauto.com - Port:
587 - Username:
[email protected] - Password:
Kene123456789 - Email To:
[email protected]
Targets
-
-
Target
2992b737cc487bae341eee8c6b11377b5baaace7ee2904ba6e4c91c542f1a515exe.exe
-
Size
883KB
-
MD5
db1f3dcaf38e21694f56bbe0bda7f65d
-
SHA1
da91c43d51e1a2f70cd5211a88de5ed7e38efbb7
-
SHA256
2992b737cc487bae341eee8c6b11377b5baaace7ee2904ba6e4c91c542f1a515
-
SHA512
d100b8b4b87f83f64bcfeda23e0fa077be8476ee9ec8d941332939f5824eae70fc76d037b22f3018168c185dc472f82a3ecdd906e38a62b13e451ddec6154db1
-
SSDEEP
24576:W/Le7eGlPG3CfUWrcKh1bnTysQnjTItqb1q:Wa7eGRfdNhKAtn
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-