General
Target: 0ca51e00d217167847c3fceeeea13a2f1f009e055d694f8f208d2af1176581c8
Size: 925KB
Sample: 240427-bkdwwsfg54
MD5: 3eff7e12316bada32f0397027fea475b
SHA1: f030aecbbb82ca2675eb56a5a9366c1fc318484c
SHA256: 0ca51e00d217167847c3fceeeea13a2f1f009e055d694f8f208d2af1176581c8
SHA512: 2c37005867865d31485207ff0db780f6697d667653d2620ce084e804003d3913f8745765507413723a68932f169fe81eacb3ccca11a258c9fbe45858469727c4
SSDEEP: 24576:FhmUTTAKL8oedI3uOMznyBduen8FBIVAIbXngw:lTTAvoeeuunIBIVBb1
Static task: static1
Behavioral task: behavioral1
Sample: 0ca51e00d217167847c3fceeeea13a2f1f009e055d694f8f208d2af1176581c8.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 0ca51e00d217167847c3fceeeea13a2f1f009e055d694f8f208d2af1176581c8.exe
Resource: win10v2004-20240419-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.pmknycc.in
Port: 587
Username: [email protected]
Password: Host@@2020
Email To: [email protected]
Targets
Target: 0ca51e00d217167847c3fceeeea13a2f1f009e055d694f8f208d2af1176581c8
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Suspicious use of SetThreadContext