General
-
Target
19faeafd87bf62719caf8e3a73e532a08aa7cb773ba38591a57a75d787b6cfb9.exe
-
Size
301KB
-
Sample
240518-k3336sda5s
-
MD5
13a6532a8c8df7589fd7d04517e43311
-
SHA1
9e9beb93f0a4961ebfaf74b8f053265c93a2d627
-
SHA256
19faeafd87bf62719caf8e3a73e532a08aa7cb773ba38591a57a75d787b6cfb9
-
SHA512
bc0ab330a47bf21e1959fc3386f5e3bce18525b81899f8ba3b89108ecc090f0978cfcbbe7efd4dd50b65c9dbf0d3d8594d9ebc8238bc79c977440cab20e5eded
-
SSDEEP
6144:tmNK0wDGfi3YVSxf0AIc0iKwWbdSyOe3wk:tmKf0AI570q
Static task
static1
Behavioral task
behavioral1
Sample
19faeafd87bf62719caf8e3a73e532a08aa7cb773ba38591a57a75d787b6cfb9.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
19faeafd87bf62719caf8e3a73e532a08aa7cb773ba38591a57a75d787b6cfb9.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.maternamedical.top - Port:
587 - Username:
[email protected] - Password:
;PB9=-brP&O# - Email To:
[email protected]
Targets
-
-
Target
19faeafd87bf62719caf8e3a73e532a08aa7cb773ba38591a57a75d787b6cfb9.exe
-
Size
301KB
-
MD5
13a6532a8c8df7589fd7d04517e43311
-
SHA1
9e9beb93f0a4961ebfaf74b8f053265c93a2d627
-
SHA256
19faeafd87bf62719caf8e3a73e532a08aa7cb773ba38591a57a75d787b6cfb9
-
SHA512
bc0ab330a47bf21e1959fc3386f5e3bce18525b81899f8ba3b89108ecc090f0978cfcbbe7efd4dd50b65c9dbf0d3d8594d9ebc8238bc79c977440cab20e5eded
-
SSDEEP
6144:tmNK0wDGfi3YVSxf0AIc0iKwWbdSyOe3wk:tmKf0AI570q
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-