General
-
Target
efafb1121eec46666f9048c85033381411504c4c6f3a6173cda3cd59c8327047
-
Size
2.5MB
-
Sample
240319-b984bseh41
-
MD5
072a7713c29a407713ce2ef87ba94981
-
SHA1
2a4f559e16b9af9c3a45a410bcf721c3bec3b133
-
SHA256
efafb1121eec46666f9048c85033381411504c4c6f3a6173cda3cd59c8327047
-
SHA512
a6a081958367ba209f4ac8defb202d5a18a6ab83d0f5e1862cbf2fb45a50aba6fa76e7866c6c96cbc60c5d7bb1a2017e7c44acb4141cf9e5875fc9d5d1ec560f
-
SSDEEP
49152:/8iPU7LAR6Aqg/m45oZEqRrLQ09udZkO29Hj+4H444lH:jMLARTz+fZb9udZti64H444lH
Behavioral task
behavioral1
Sample
efafb1121eec46666f9048c85033381411504c4c6f3a6173cda3cd59c8327047.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
efafb1121eec46666f9048c85033381411504c4c6f3a6173cda3cd59c8327047.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: gator3220.hostgator.com
Port: 587
Username: [email protected]
Password: ZgD#..!T#Hmars99@soltan
Email To: [email protected]
Targets
-
Target
efafb1121eec46666f9048c85033381411504c4c6f3a6173cda3cd59c8327047
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Detect ZGRat V1
-
PureLog Stealer payload
-
Suspicious use of SetThreadContext
-