General
Target: 9f9d9f7f656b0de00a591e7260c10945f390eef8ad6cfa50b934813af2ea2d84
Size: 630KB
Sample: 231212-d6kbxaffa7
MD5: 63b28ed62d152684f9e3c528a8c87c6f
SHA1: ea448d6fec8ab6429b9614f7aae6922dd949e1bb
SHA256: 9f9d9f7f656b0de00a591e7260c10945f390eef8ad6cfa50b934813af2ea2d84
SHA512: 1dc5ee11315277e7dd666e1f3d9fe3659605e7f9a436945f460d5938be6725a6f455ddbe3a000716985584cc183006ae86e37d6b7a2fbc7778283e06bed607f1
SSDEEP: 12288:vN3IU8S6eUdFqnxNZsDcR0lfB1xymT7691CpXj0VhTsgDqsPnay2splvjw5:vVItSAdsxp0l7ImT4YXjGTsgDF12qy5
Static task
static1
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: cp5ua.hyperhost.ua
Port: 587
Username: [email protected]
Password: 7213575aceACE@#
Email To: [email protected]
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Detect ZGRat V1
Suspicious use of SetThreadContext