General
Target: 25446c2c5486d4522219c8e94be7b3d562f3088d316c2432e3da914af07c12b0
Size: 1.0MB
Sample: 240424-ca4v1aea3x
MD5: 92f1af3126899c911f5d1b3d41a94b21
SHA1: 87ad0d4efc6ac814527fbbec8aecc34a29696a19
SHA256: 25446c2c5486d4522219c8e94be7b3d562f3088d316c2432e3da914af07c12b0
SHA512: 1d553e793aafb1d463c203c25f92b0604468a142bce204df5193f661f29312498c393591f0929efef3e3169287f2bd8d1f509eb94e9f846f6f349ae5f37805e9
SSDEEP: 24576:DAHnh+eWsN3skA4RV1Hom2KXMmHakW+BIUQUlCyW5:Oh+ZkldoPK8YakW0IUQUcD
Static task: static1
Behavioral task: behavioral1
Sample: 25446c2c5486d4522219c8e94be7b3d562f3088d316c2432e3da914af07c12b0.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 25446c2c5486d4522219c8e94be7b3d562f3088d316c2432e3da914af07c12b0.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: webmail.empowerfiresafe.com
Port: 587
Username: [email protected]
Password: Jayapradha123@#$
Email To: [email protected]
Targets
Target: 25446c2c5486d4522219c8e94be7b3d562f3088d316c2432e3da914af07c12b0
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Suspicious use of SetThreadContext