General
-
Target
b1d4645e622fbbf65bec351d61746bb3fd0789cd9723be810c913b828e5bd93f
-
Size
624KB
-
Sample
231213-brl6vafed8
-
MD5
801a36e70c28271bbdd559e7c6fa6a89
-
SHA1
aecc5f8ccab154e24c0f3c21d5a69531e010cfe8
-
SHA256
b1d4645e622fbbf65bec351d61746bb3fd0789cd9723be810c913b828e5bd93f
-
SHA512
723900d1397f53e30d7f956116adb671c795c7f179d6806d8a334c518f3e387acbe53d8f4b3feb91fa7cd41c2cdc8455afc084de6eaf58ccae3315f3e5491f36
-
SSDEEP
12288:aC3IU8S6eUdM8aVq00wa9E0pReR6nQNlifNECeyIbTrHtAscDabqkEP:aYItSAd8qhwa9bjKn8NECe5nHtAscDab
Static task
static1
Behavioral task
behavioral1
Sample
b1d4645e622fbbf65bec351d61746bb3fd0789cd9723be810c913b828e5bd93f.exe
Resource
win7-20231201-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: cp5ua.hyperhost.ua
Port: 587
Username: [email protected]
Password: 7213575aceACE@#$
Email To: [email protected]
Extracted
Protocol: smtp
Host: cp5ua.hyperhost.ua
Port: 587
Username: [email protected]
Password: 7213575aceACE@#$
Targets
-
-
Target
b1d4645e622fbbf65bec351d61746bb3fd0789cd9723be810c913b828e5bd93f
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Detect ZGRat V1
-
Suspicious use of SetThreadContext
-