General
-
Target
1c7e6be0fed778f80770ae9d54594bba970c3a756b797abf40f143fa210db36e
-
Size
1.0MB
-
Sample
240430-b2lcashb2x
-
MD5
022336fa2c8cef7562eb7b86b07038a5
-
SHA1
f051fdd84f2a4c7d234b13728597b1ee81d390a9
-
SHA256
1c7e6be0fed778f80770ae9d54594bba970c3a756b797abf40f143fa210db36e
-
SHA512
abf74b13639806eb5cef2296cafc05e0fd551c2fd1fd1da1cdc065bd3e8095f3be505ecc57b82e5968b19cae39b4620aafd266acf53779c5fb9f10360e483fa8
-
SSDEEP
24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHa0/zX9gkt0/l5:gh+ZkldoPK8Ya0/jykt03
Static task
static1
Behavioral task
behavioral1
Sample
1c7e6be0fed778f80770ae9d54594bba970c3a756b797abf40f143fa210db36e.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1c7e6be0fed778f80770ae9d54594bba970c3a756b797abf40f143fa210db36e.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.worlorderbillions.top - Port:
587 - Username:
[email protected] - Password:
##z$P{dTygVX - Email To:
[email protected]
Targets
-
-
Target
1c7e6be0fed778f80770ae9d54594bba970c3a756b797abf40f143fa210db36e
-
Size
1.0MB
-
MD5
022336fa2c8cef7562eb7b86b07038a5
-
SHA1
f051fdd84f2a4c7d234b13728597b1ee81d390a9
-
SHA256
1c7e6be0fed778f80770ae9d54594bba970c3a756b797abf40f143fa210db36e
-
SHA512
abf74b13639806eb5cef2296cafc05e0fd551c2fd1fd1da1cdc065bd3e8095f3be505ecc57b82e5968b19cae39b4620aafd266acf53779c5fb9f10360e483fa8
-
SSDEEP
24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHa0/zX9gkt0/l5:gh+ZkldoPK8Ya0/jykt03
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-