General
-
Target
80211631edae888736f37c96d6756b2195da3e8cc971ee574d288bd248923d89
-
Size
704KB
-
Sample
231209-b74qtsfeh2
-
MD5
1e200c8b6c2ffe0622eed61f1c842660
-
SHA1
9b5fab6deb498f0ef04fd1b4815bae9af86240e8
-
SHA256
80211631edae888736f37c96d6756b2195da3e8cc971ee574d288bd248923d89
-
SHA512
7391f56b799141a8c409336d0075f35b7d43d43692193518440a655d89f1be275d27e1b1ae7ea01b084858dd5534192ad406c314c9a4de87ce0624b7d3b42990
-
SSDEEP
12288:Le2FV4Nq/QIi7sgblxIDmAviJoEyTZ33a33S333333+H:LmQIb7NwDU2OH
Static task
static1
Behavioral task
behavioral1
Sample
80211631edae888736f37c96d6756b2195da3e8cc971ee574d288bd248923d89.exe
Resource
win7-20231201-en
Behavioral task
behavioral2
Sample
80211631edae888736f37c96d6756b2195da3e8cc971ee574d288bd248923d89.exe
Resource
win10v2004-20231127-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
gator3220.hostgator.com - Port:
587 - Username:
[email protected] - Password:
RS#w!TZ505!!@@ND - Email To:
[email protected]
Targets
-
-
Target
80211631edae888736f37c96d6756b2195da3e8cc971ee574d288bd248923d89
-
Size
704KB
-
MD5
1e200c8b6c2ffe0622eed61f1c842660
-
SHA1
9b5fab6deb498f0ef04fd1b4815bae9af86240e8
-
SHA256
80211631edae888736f37c96d6756b2195da3e8cc971ee574d288bd248923d89
-
SHA512
7391f56b799141a8c409336d0075f35b7d43d43692193518440a655d89f1be275d27e1b1ae7ea01b084858dd5534192ad406c314c9a4de87ce0624b7d3b42990
-
SSDEEP
12288:Le2FV4Nq/QIi7sgblxIDmAviJoEyTZ33a33S333333+H:LmQIb7NwDU2OH
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-