General
Target: b3b4923e9a8f67dabd71bf88c98f7c388caed0b93551347e8b431266b91c4258.exe
Size: 237KB
Sample: 240403-p6zx5sdd4s
MD5: e75aa43d86f53eeeac5fbcf856aefc3d
SHA1: ae9012cfa06cf016303243f31b266288ca5ae999
SHA256: b3b4923e9a8f67dabd71bf88c98f7c388caed0b93551347e8b431266b91c4258
SHA512: e179ef95fac6fcc4f47bbc529cc491b72e34f0912ef8d2713b80aa9c71b1913b6c70f3c885028cb5a10b21e516cd9a0d663399d2dd3b20e0c61a193659e4c257
SSDEEP: 3072:wXaJxZhZB7vVujp9izi2YlMEGYS2RHl0KLhn5NYvBgaH4:wexZhZB7vC9yiFMEW2Rl0KF4vBT
Behavioral task: behavioral1
Sample: b3b4923e9a8f67dabd71bf88c98f7c388caed0b93551347e8b431266b91c4258.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: b3b4923e9a8f67dabd71bf88c98f7c388caed0b93551347e8b431266b91c4258.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: gator3220.hostgator.com
Port: 587
Username: [email protected]
Password: 2htWJg8Ru9SP..!TZmaka!@
Email To: [email protected]
Extracted
Protocol: smtp
Host: gator3220.hostgator.com
Port: 587
Username: [email protected]
Password: 2htWJg8Ru9SP..!TZmaka!@
Targets
Target: b3b4923e9a8f67dabd71bf88c98f7c388caed0b93551347e8b431266b91c4258.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.