General
-
Target
3f8013a553d5ec62d7acb84186febe78c7c9f9eff5a2aa8043f3e2356b717514
-
Size
673KB
-
Sample
231212-ll13xsagbr
-
MD5
d7c025a8a83c85be7cbc3762b13ba766
-
SHA1
c19094d8336ebf1d021d7c8029f99635ab6b063f
-
SHA256
3f8013a553d5ec62d7acb84186febe78c7c9f9eff5a2aa8043f3e2356b717514
-
SHA512
ea5f29da5707a90215a729a50a707e5bf646bcb3745e91c322c2a8c9576c13cb79caf038290af74392507fdd1a2da93bf45dc5168fe032e59ebce1fd6350eda5
-
SSDEEP
12288:OQa+4WpAEsyiSkvEs/63ZOh4xAdV6tJHTX5YysuIa+DYkIfuVoP+:9pAEG7vEsy3a4qdV6nrGC+kLG
Static task
static1
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: cp5ua.hyperhost.ua
Port: 587
Username: [email protected]
Password: 7213575aceACE@#
Email To: [email protected]
Targets
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Detect ZGRat V1
-
Suspicious use of SetThreadContext
-