General
-
Target
717d6956f37bcd29a3f05cb5439f875b31729d4bece0a0d0bd3ad59ba572fd5d
-
Size
1.1MB
-
Sample
240330-bg8xvsde9t
-
MD5
11218beab3a287e8edaa2b417dd0aa5b
-
SHA1
e1b6a813471861bcb87e9e0fe37427841bdf87ee
-
SHA256
717d6956f37bcd29a3f05cb5439f875b31729d4bece0a0d0bd3ad59ba572fd5d
-
SHA512
f5f6f3ad6b6ece3b0f395cce9c1dffe177a27fc488f64b00bfa2d85c88a3664b2b8f5b5e99e6a3d066051bd3dd92c6669eec5e334a7b88f386c25763f97bee54
-
SSDEEP
24576:vqDEvCTbMWu7rQYlBQcBiT6rprG8a0GXCT/:vTvC/MTQYxsWR7a0
Static task
static1
Behavioral task
behavioral1
Sample
717d6956f37bcd29a3f05cb5439f875b31729d4bece0a0d0bd3ad59ba572fd5d.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
717d6956f37bcd29a3f05cb5439f875b31729d4bece0a0d0bd3ad59ba572fd5d.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
cp8nl.hyperhost.ua - Port:
587 - Username:
[email protected] - Password:
7213575aceACE@#$ - Email To:
[email protected]
Targets
-
-
Target
717d6956f37bcd29a3f05cb5439f875b31729d4bece0a0d0bd3ad59ba572fd5d
-
Size
1.1MB
-
MD5
11218beab3a287e8edaa2b417dd0aa5b
-
SHA1
e1b6a813471861bcb87e9e0fe37427841bdf87ee
-
SHA256
717d6956f37bcd29a3f05cb5439f875b31729d4bece0a0d0bd3ad59ba572fd5d
-
SHA512
f5f6f3ad6b6ece3b0f395cce9c1dffe177a27fc488f64b00bfa2d85c88a3664b2b8f5b5e99e6a3d066051bd3dd92c6669eec5e334a7b88f386c25763f97bee54
-
SSDEEP
24576:vqDEvCTbMWu7rQYlBQcBiT6rprG8a0GXCT/:vTvC/MTQYxsWR7a0
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-