General
Target: 04897f9c28dd45cf8d3c486c81386e41f5ef45a927c2b2848397e0e081759823
Size: 663KB
Sample: 231213-b9zvnaeddr
MD5: f118a46b685db6fd9d354a7810e65a3c
SHA1: 9f6cfe1ee06d986b5e42a12bd4352d2645e6e9e5
SHA256: 04897f9c28dd45cf8d3c486c81386e41f5ef45a927c2b2848397e0e081759823
SHA512: 8204b6af49f3e8b90d01fe25973c010e2e7d5dc3121534611b84c5f89277483349a94f97a8483b0766ba8b52142a097ae1b063471072f1e9c9ac3634a08eb8b7
SSDEEP: 12288:vdW0+4WpAE7yw2aLUmiLDkFXSBPEvbktKMwpszOOesLJ2uV5rTWoe1OWrw+:OpAElSHkFiuszVLJ2uV5rTWoe7
Static task: static1
Behavioral task: behavioral1
Sample: 04897f9c28dd45cf8d3c486c81386e41f5ef45a927c2b2848397e0e081759823.exe
Resource: win7-20231201-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: smtp.cesky-hosting.cz
Port: 587
Username: [email protected]
Password: 781636OoL+
Email To: [email protected]
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Detect ZGRat V1
Suspicious use of SetThreadContext