General
-
Target
f00366118644288d4246d7e4858744c401d6938e5dd4ddb7a9af134e90b19bb0
-
Size
590KB
-
Sample
231213-bqsl8sebar
-
MD5
a46707e1b842734539f968e048359d70
-
SHA1
5893aaf2d9aa3b557e9883922c7cacf15fbb37fb
-
SHA256
f00366118644288d4246d7e4858744c401d6938e5dd4ddb7a9af134e90b19bb0
-
SHA512
a47a690b720f25e21ad098789816a4da5ca8c1866df447936d46fed0c22cd9ca9ffe0e619f42c8b830461214f233651abcd0e7ff7467639d026be98e70e7b150
-
SSDEEP
12288:qYdl+4WpAE/yemGbkdaISYSc7LGqQJlqrLMSVPpQ6kEhoaCgr+:wpAEzdogl9aGqOc3PK6jH
Static task
static1
Behavioral task
behavioral1
Sample
f00366118644288d4246d7e4858744c401d6938e5dd4ddb7a9af134e90b19bb0.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
f00366118644288d4246d7e4858744c401d6938e5dd4ddb7a9af134e90b19bb0.exe
Resource
win10v2004-20231127-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.worlorderbillions.top
Port: 587
Username: [email protected]
Password: 7ace90qwerty
Email To: [email protected]
Targets
-
-
Target
f00366118644288d4246d7e4858744c401d6938e5dd4ddb7a9af134e90b19bb0
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Detect ZGRat V1
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-