General
-
Target
f4fa133470670ff2a4ca49776b47525f77c3c045a1aa622e88492f4fb20f06f1
-
Size
593KB
-
Sample
240509-brcx6sda65
-
MD5
ca858bce9b96695592c702bda7441ce9
-
SHA1
a77719a916326614f19fbdcd094cb516172b39c2
-
SHA256
f4fa133470670ff2a4ca49776b47525f77c3c045a1aa622e88492f4fb20f06f1
-
SHA512
1cefdeded54965aab17b095bef3db03bf0b5cbddc7ce0166842084f7ac70795d66133e0ec6f77bc39a858727d542baa67bfe7f68308beaeed0d890136224fe9a
-
SSDEEP
12288:uvdwXeyvxL1gOE5W+/OuCA69dhP8bkBc9b8gKSde0EA:5uyv0OE5pOnd9d98oSB8ZNZA
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
zaidarabia.com - Port:
587 - Username:
[email protected] - Password:
Golddust007! - Email To:
[email protected]
Targets
-
-
Target
3.exe
-
Size
1021KB
-
MD5
398c3b8993b24d39e863869757b3e426
-
SHA1
b06281c6f8fb44ef488b9d27526881341d7b4fc4
-
SHA256
bde8e03d2fa68bfe6e57bcaf7b0e63340dfb86d9be603bb4e5243438efca8bd6
-
SHA512
215b24cec77f3f6bb707563b0cc1782e0f9290973373c50f6ebe90ff895f8dcc6a5f2762b56c73e6b5b8a8f0c5509cb059c6825d3aae69eb2758c528f691bcaf
-
SSDEEP
24576:F4lavt0LkLL9IMixoEgearxyMmBiZ0Pq9MmCS:ckwkn9IMHearekZWaPCS
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-