General
-
Target
4a8014296ecf3191c9bc4b0911cec2942c93231e9dbe247e6bbc49f0e784282d
-
Size
1.1MB
-
Sample
240519-bg56zaab8w
-
MD5
9427d9099e93017d468e50107aa2a9b1
-
SHA1
214c403f8d7186edd1fa5d4e502e47516bbe279e
-
SHA256
4a8014296ecf3191c9bc4b0911cec2942c93231e9dbe247e6bbc49f0e784282d
-
SHA512
bfaa4f9a6c8e9ae4c6a225fa0c2beff66b2dbbe924a8c12c0fce921b8a3e890b95f6229cf4766855ececdfd62d1cbc5075d7ab1d408e277878ea5f042079e216
-
SSDEEP
24576:NRk5X73El97fT4I2d0vOJWtGaplaHVf+MTNMn:zL7blv/9plCPin
Static task
static1
Behavioral task
behavioral1
Sample
4a8014296ecf3191c9bc4b0911cec2942c93231e9dbe247e6bbc49f0e784282d.exe
Resource
win7-20240221-en
Malware Config
Extracted
Protocol: ftp
Host: associatessystems.com
Port: 21
Username: [email protected]
Password: computer1840
Extracted
agenttesla
Protocol: smtp
Port: 587
Username: ftp://[email protected]
Password: [email protected]
Targets
Target
4a8014296ecf3191c9bc4b0911cec2942c93231e9dbe247e6bbc49f0e784282d
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Suspicious use of SetThreadContext
-