General
Target: SKM 003-23 170204 004982024.pdf.exe
Size: 1.1MB
Sample: 240403-p7qe4add6z
MD5: f82bef7bdeccbb01d5f2bff93dce0b4a
SHA1: a77f25631c5cca1f0c7795d5aa2bd0dc763bdc5c
SHA256: b768363bcb7124aa610614ee6c95776c0133a5136339105d95d6313316dadef1
SHA512: a92e2dcac93aba9cd4108cfac93551d114bc5d4a8827778258d46675d5ea2cbdd4cc675ca5758582c9489d43f1890b6429435cb1c459bd6445bb2e4410d036e8
SSDEEP: 24576:wqDEvCTbMWu7rQYlBQcBiT6rprG8aPSGP6Dz:wTvC/MTQYxsWR7aP/
Static task: static1
Behavioral task: behavioral1
Sample: SKM 003-23 170204 004982024.pdf.exe
Resource: win7-20240319-en
Behavioral task: behavioral2
Sample: SKM 003-23 170204 004982024.pdf.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.bezelety.top
Port: 587
Username: [email protected]
Password: KV?y1$dqdUzV
Email To: [email protected]
Targets
Target: SKM 003-23 170204 004982024.pdf.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Suspicious use of SetThreadContext