General
-
Target
e3e2106835618398ef240b9e3e84026a0019bafda4464f3150756d42c5374f9d.exe
-
Size
1.0MB
-
Sample
240425-cjw7hsdd42
-
MD5
111af05dd1407b81db746b75b32e8b92
-
SHA1
5fd001e0d0d86e5ee6d19e388bef20d31865f45d
-
SHA256
e3e2106835618398ef240b9e3e84026a0019bafda4464f3150756d42c5374f9d
-
SHA512
bf37a0b838474210df8cecf22d6462e848eb91fda5777aab0ec6b03b5286a52e487b69c2a737883372b13a523bb87ef9a91ab25946028a19f6022e2bddc733a9
-
SSDEEP
24576:AAHnh+eWsN3skA4RV1Hom2KXMmHaJJMUyY1WXbVTZD5:3h+ZkldoPK8YaJJgXbR
Static task
static1
Behavioral task
behavioral1
Sample
e3e2106835618398ef240b9e3e84026a0019bafda4464f3150756d42c5374f9d.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
e3e2106835618398ef240b9e3e84026a0019bafda4464f3150756d42c5374f9d.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.worlorderbillions.top - Port:
587 - Username:
[email protected] - Password:
@qwerty90123 - Email To:
[email protected]
Targets
-
-
Target
e3e2106835618398ef240b9e3e84026a0019bafda4464f3150756d42c5374f9d.exe
-
Size
1.0MB
-
MD5
111af05dd1407b81db746b75b32e8b92
-
SHA1
5fd001e0d0d86e5ee6d19e388bef20d31865f45d
-
SHA256
e3e2106835618398ef240b9e3e84026a0019bafda4464f3150756d42c5374f9d
-
SHA512
bf37a0b838474210df8cecf22d6462e848eb91fda5777aab0ec6b03b5286a52e487b69c2a737883372b13a523bb87ef9a91ab25946028a19f6022e2bddc733a9
-
SSDEEP
24576:AAHnh+eWsN3skA4RV1Hom2KXMmHaJJMUyY1WXbVTZD5:3h+ZkldoPK8YaJJgXbR
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Detect packed .NET executables. Mostly AgentTeslaV4.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-