General
-
Target
4b034a6816bb88fb9731d6211387b73561afb261abe91a8433db24dac9334db0
-
Size
1.0MB
-
Sample
240426-bkbfrsgg66
-
MD5
71a20552e882e95d0ee1260cf50a9e8a
-
SHA1
2a142b7a20e96750d258093a9660e0fe01ffdcd0
-
SHA256
4b034a6816bb88fb9731d6211387b73561afb261abe91a8433db24dac9334db0
-
SHA512
0d75ad9c0bc39533388cf410221513a8c8afed5269f1dade0afd61f6d363a8986ad26eec60523552b833d8c39dc8399d0abc7f00d359a7422810edf3286e97f1
-
SSDEEP
24576:NAHnh+eWsN3skA4RV1Hom2KXMmHaORLMyNHL9n5:sh+ZkldoPK8YaOBMYL
Static task
static1
Behavioral task
behavioral1
Sample
4b034a6816bb88fb9731d6211387b73561afb261abe91a8433db24dac9334db0.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
4b034a6816bb88fb9731d6211387b73561afb261abe91a8433db24dac9334db0.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.itzayanaland.com - Port:
587 - Username:
[email protected] - Password:
Vxha5,yybO%M --- - Email To:
[email protected]
Targets
-
-
Target
4b034a6816bb88fb9731d6211387b73561afb261abe91a8433db24dac9334db0
-
Size
1.0MB
-
MD5
71a20552e882e95d0ee1260cf50a9e8a
-
SHA1
2a142b7a20e96750d258093a9660e0fe01ffdcd0
-
SHA256
4b034a6816bb88fb9731d6211387b73561afb261abe91a8433db24dac9334db0
-
SHA512
0d75ad9c0bc39533388cf410221513a8c8afed5269f1dade0afd61f6d363a8986ad26eec60523552b833d8c39dc8399d0abc7f00d359a7422810edf3286e97f1
-
SSDEEP
24576:NAHnh+eWsN3skA4RV1Hom2KXMmHaORLMyNHL9n5:sh+ZkldoPK8YaOBMYL
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-