General
Target
e66ba99955c1baa592951ea963c209ebfa962ee480470ee7c4b7ffd0794303c4
Size
1.0MB
Sample
240430-bkwfyafh53
MD5
5cb38ade848eb20ddef9c80c365b50bc
SHA1
50fc810ed7e55a9d056a0ea44bcbdcf3859ee13a
SHA256
e66ba99955c1baa592951ea963c209ebfa962ee480470ee7c4b7ffd0794303c4
SHA512
2021d6b0b0f6fe0a63f1bb838c216632334e105e898792cb26181c189765b6edac70ab285873b31b35fd4f8f711682262e813e9b4f9ceded6c1dbc43add1ebc2
SSDEEP
24576:3AHnh+eWsN3skA4RV1Hom2KXMmHawrHtmqVj95:qh+ZkldoPK8Yawhmw
Static task
static1
Behavioral task
behavioral1
Sample
e66ba99955c1baa592951ea963c209ebfa962ee480470ee7c4b7ffd0794303c4.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e66ba99955c1baa592951ea963c209ebfa962ee480470ee7c4b7ffd0794303c4.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.bezelety.top
Port: 587
Username: [email protected]
Password: KV?y1$dqdUzV
Email To: [email protected]
Targets
Target
e66ba99955c1baa592951ea963c209ebfa962ee480470ee7c4b7ffd0794303c4
Score 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Suspicious use of SetThreadContext