General
-
Target
LZ_0378392893038_903883998___________________.exe
-
Size
1.2MB
-
Sample
240125-vqtn3scccq
-
MD5
57871661c88f329a616146c49b61c18f
-
SHA1
c1bddb20bba99284864900a627180209f309a1a3
-
SHA256
3926e87c46de1b1637b022436f40375b9e0e7bfb0c5bc7ff4176ff9de208108a
-
SHA512
01fd4eb4f89d80f48837ee852c6ffae4b8e8f3e5b42ff0ce6af01ee11d1271c5a95f8ff25cbcaefd29417297927166eafe4e9b5af1380f2c29289a308604bd96
-
SSDEEP
24576:/AHnh+eWsN3skA4RV1Hom2KXMmHaee52JniQahz5:ih+ZkldoPK8YanwiQaD
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.worlorderbillions.top - Port:
587 - Username:
[email protected] - Password:
7ace90qwerty - Email To:
[email protected]
Targets
-
-
Target
LZ_0378392893038_903883998___________________.exe
-
Size
1.2MB
-
MD5
57871661c88f329a616146c49b61c18f
-
SHA1
c1bddb20bba99284864900a627180209f309a1a3
-
SHA256
3926e87c46de1b1637b022436f40375b9e0e7bfb0c5bc7ff4176ff9de208108a
-
SHA512
01fd4eb4f89d80f48837ee852c6ffae4b8e8f3e5b42ff0ce6af01ee11d1271c5a95f8ff25cbcaefd29417297927166eafe4e9b5af1380f2c29289a308604bd96
-
SSDEEP
24576:/AHnh+eWsN3skA4RV1Hom2KXMmHaee52JniQahz5:ih+ZkldoPK8YanwiQaD
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Kinsing
Kinsing is a loader written in Golang.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-