General
-
Target
acb26b155dc453b93f1402731814235bd9cf08918012ed2971f87ff06297fd7e
-
Size
601KB
-
Sample
240430-b2mv5ahb2z
-
MD5
99f083c0773ec572cd27074bd9f56516
-
SHA1
96a2e36616083dce96b6b7ecfb0d5d1431b5e97f
-
SHA256
acb26b155dc453b93f1402731814235bd9cf08918012ed2971f87ff06297fd7e
-
SHA512
7670ef913d3ad92a24cda2e2b6ec097324a15dbb5ff839ee818e18d756ee937e11c026e6173bc25ba3946222148661955345b4b36a01333a65268413ef511c98
-
SSDEEP
12288:zbGpcvIeZ5D2KZfA68QZ4RS1R04sz/57otSvGj6gIagT03Cm51:epHmDLA68QZ4RSn0rL57ASvXgIt03CY1
Static task
static1
Behavioral task
behavioral1
Sample
SAL-566727012-7203993992929_________________.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
SAL-566727012-7203993992929_________________.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.worlorderbillions.top - Port:
587 - Username:
[email protected] - Password:
##z$P{dTygVX - Email To:
[email protected]
Targets
-
-
Target
SAL-566727012-7203993992929_________________.exe
-
Size
1.0MB
-
MD5
022336fa2c8cef7562eb7b86b07038a5
-
SHA1
f051fdd84f2a4c7d234b13728597b1ee81d390a9
-
SHA256
1c7e6be0fed778f80770ae9d54594bba970c3a756b797abf40f143fa210db36e
-
SHA512
abf74b13639806eb5cef2296cafc05e0fd551c2fd1fd1da1cdc065bd3e8095f3be505ecc57b82e5968b19cae39b4620aafd266acf53779c5fb9f10360e483fa8
-
SSDEEP
24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHa0/zX9gkt0/l5:gh+ZkldoPK8Ya0/jykt03
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-