General
-
Target
dm7DlGGnm36sQec.exe
-
Size
655KB
-
Sample
240430-f9ft1aeb4z
-
MD5
4fd4e6a53facb626b8470d557e7f03d5
-
SHA1
33956c11a9efa84be96f0063d4b5b2f54fbb82b0
-
SHA256
91b3beabc3244b35f86ad8669b64dc3aeef2b0c646bc93331babc88f5e51687d
-
SHA512
a4663a8aed0c305f88c1dda820f87e2974d762df1f300a77f9e200956592f986b517af44574e2cbd2b880e826610a060c465986bb59da84eb669f4d43f0041d6
-
SSDEEP
12288:47B778QFCuAEInOikTXdqBhfhX16mtBL4cGhu5WtLdftIr:uBHCuAJGMBLXYmtN4cEFf
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.atarod.org.af - Port:
587 - Username:
[email protected] - Password:
A1tarod@23 - Email To:
[email protected]
Targets
-
-
Target
dm7DlGGnm36sQec.exe
-
Size
655KB
-
MD5
4fd4e6a53facb626b8470d557e7f03d5
-
SHA1
33956c11a9efa84be96f0063d4b5b2f54fbb82b0
-
SHA256
91b3beabc3244b35f86ad8669b64dc3aeef2b0c646bc93331babc88f5e51687d
-
SHA512
a4663a8aed0c305f88c1dda820f87e2974d762df1f300a77f9e200956592f986b517af44574e2cbd2b880e826610a060c465986bb59da84eb669f4d43f0041d6
-
SSDEEP
12288:47B778QFCuAEInOikTXdqBhfhX16mtBL4cGhu5WtLdftIr:uBHCuAJGMBLXYmtN4cEFf
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-