General
-
Target
Supply List QT46178 REV 01 - Bubble Number ITEM 18 - ITEM 24.exe
-
Size
80.0MB
-
Sample
240125-tc8emsbaen
-
MD5
f1c461c6f971459994b7252e7455fa08
-
SHA1
1b353efbca36a3e8401c8de2998075b3c2e90db5
-
SHA256
e081ca8b5728fb597ab6ef5853adbb58e3e576386bb566b48dff5e3b92dc02fe
-
SHA512
58f2a5302ba3c31f7a8f86178197dd4c57fbd7116b50676c2924e46784fd9c38a1f553643b421b2e380abd3480e759294f38cc70614e6e5c58addf954cfe852e
-
SSDEEP
12288:SH+0P2MkJ02BSIkQMEdWxQxb7kzT+MH1p26qDA8h9:Sp7klBSIkDqRxb7kzT+upDqr
Static task
static1
Behavioral task
behavioral1
Sample
Supply List QT46178 REV 01 - Bubble Number ITEM 18 - ITEM 24.exe
Resource
win7-20231215-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.flecon.com.sg - Port:
587 - Username:
[email protected] - Password:
MDQ6KTYAVAE7 - Email To:
[email protected]
Targets
-
-
Target
Supply List QT46178 REV 01 - Bubble Number ITEM 18 - ITEM 24.exe
-
Size
80.0MB
-
MD5
f1c461c6f971459994b7252e7455fa08
-
SHA1
1b353efbca36a3e8401c8de2998075b3c2e90db5
-
SHA256
e081ca8b5728fb597ab6ef5853adbb58e3e576386bb566b48dff5e3b92dc02fe
-
SHA512
58f2a5302ba3c31f7a8f86178197dd4c57fbd7116b50676c2924e46784fd9c38a1f553643b421b2e380abd3480e759294f38cc70614e6e5c58addf954cfe852e
-
SSDEEP
12288:SH+0P2MkJ02BSIkQMEdWxQxb7kzT+MH1p26qDA8h9:Sp7klBSIkDqRxb7kzT+upDqr
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-