General
-
Target
b2060f6a5e17d27bb2413bc95ec71fb942151dd2984917831d64c6aa7120efc2
-
Size
1.1MB
-
Sample
240408-btjthacf3t
-
MD5
3914d1fe5113895ff467bcd01994037c
-
SHA1
f2f0e0e2bf57589a3880cfaf109d149ea27673a9
-
SHA256
b2060f6a5e17d27bb2413bc95ec71fb942151dd2984917831d64c6aa7120efc2
-
SHA512
056c7f88c2ab836e7399c67b95d2d03d04f7e3bb02ef7b0ffdab5a5ba7990bf016d9ee27d44ac591f514af674d55abf58adb462256606963653457c6b47f75ea
-
SSDEEP
24576:YqDEvCTbMWu7rQYlBQcBiT6rprG8aF83aszMg15alQt3d:YTvC/MTQYxsWR7aFwfMgzK
Static task
static1
Behavioral task
behavioral1
Sample
b2060f6a5e17d27bb2413bc95ec71fb942151dd2984917831d64c6aa7120efc2.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b2060f6a5e17d27bb2413bc95ec71fb942151dd2984917831d64c6aa7120efc2.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: smtp.ionos.es
Port: 587
Username: [email protected]
Password: Pula0001*
Email To: [email protected]
Targets
-
Target
b2060f6a5e17d27bb2413bc95ec71fb942151dd2984917831d64c6aa7120efc2
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Suspicious use of SetThreadContext
-