General
-
Target
SecuriteInfo.com.Trojan.Inject4.59820.14767.16252
-
Size
586KB
-
Sample
231208-pxq9msed9s
-
MD5
b8915103e9d639e762e83cf9c8bda9a9
-
SHA1
a9650b8e7d490e933bd05aa4539a617ed5319f03
-
SHA256
ce18daad377673d765ae77224400740842cc31aee43a2cdb5e5ac564fbbe908d
-
SHA512
f27fe7eb6d649fe81d8e6a64e775c8a32901161d1d4eab3bb4c525d9927e5716f015be7a72997f90b5cfbaa3daf0681fdd2d516fd7154ee42a24a4c8d1889919
-
SSDEEP
12288:XhkZ5IbmQRzs42dKmicNLXndCwcso0vji5RqhZjhnBCnZOvbzRof:XK/IKQRIsuzZcd0v1hZjhnYn8DzRof
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.Inject4.59820.14767.exe
Resource
win7-20231201-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.Inject4.59820.14767.exe
Resource
win10v2004-20231130-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.elec-qatar.com - Port:
587 - Username:
[email protected] - Password:
MHabrar2019@# - Email To:
[email protected]
Targets
-
-
Target
SecuriteInfo.com.Trojan.Inject4.59820.14767.16252
-
Size
586KB
-
MD5
b8915103e9d639e762e83cf9c8bda9a9
-
SHA1
a9650b8e7d490e933bd05aa4539a617ed5319f03
-
SHA256
ce18daad377673d765ae77224400740842cc31aee43a2cdb5e5ac564fbbe908d
-
SHA512
f27fe7eb6d649fe81d8e6a64e775c8a32901161d1d4eab3bb4c525d9927e5716f015be7a72997f90b5cfbaa3daf0681fdd2d516fd7154ee42a24a4c8d1889919
-
SSDEEP
12288:XhkZ5IbmQRzs42dKmicNLXndCwcso0vji5RqhZjhnBCnZOvbzRof:XK/IKQRIsuzZcd0v1hZjhnYn8DzRof
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-