General
-
Target
1982885396758c7243448c68a1133d0317259803d5c54e65d776b21696c21e29
-
Size
3.1MB
-
Sample
240430-bnr8paga72
-
MD5
981aaba03c0e884b61465c244eb38ee5
-
SHA1
2198c52804a5c2f7a497e4e2280f08c486cf4765
-
SHA256
1982885396758c7243448c68a1133d0317259803d5c54e65d776b21696c21e29
-
SHA512
b4e338b4bed5a67e78d8f6c3fe116203370899f7fb2859bffd79bc2d8b2a556a65f97cc9a770f6060ee4b8fa250f154ea583e636c751726a72577630bcb30dae
-
SSDEEP
98304:xzuXNnqC2cf9NFmXbhE8jC7Pvo0Gr0BCa6:xYJNottjCE0GIMa6
Static task
static1
Behavioral task
behavioral1
Sample
1982885396758c7243448c68a1133d0317259803d5c54e65d776b21696c21e29.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
1982885396758c7243448c68a1133d0317259803d5c54e65d776b21696c21e29.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.atarod.org.af - Port:
587 - Username:
[email protected] - Password:
A1tarod@23 - Email To:
[email protected]
Targets
-
-
Target
1982885396758c7243448c68a1133d0317259803d5c54e65d776b21696c21e29
-
Size
3.1MB
-
MD5
981aaba03c0e884b61465c244eb38ee5
-
SHA1
2198c52804a5c2f7a497e4e2280f08c486cf4765
-
SHA256
1982885396758c7243448c68a1133d0317259803d5c54e65d776b21696c21e29
-
SHA512
b4e338b4bed5a67e78d8f6c3fe116203370899f7fb2859bffd79bc2d8b2a556a65f97cc9a770f6060ee4b8fa250f154ea583e636c751726a72577630bcb30dae
-
SSDEEP
98304:xzuXNnqC2cf9NFmXbhE8jC7Pvo0Gr0BCa6:xYJNottjCE0GIMa6
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-