General
Target: bb3bc7994d092c3f510327cf6e11506fe17c0d6fae9ae220de12f5928a2c185e_payload.exe
Size: 233KB
Sample: 240519-ck5kaada8s
MD5: 5685c9e77543164f93d8b427460635e9
SHA1: 09a58f47a6edbf76083803d87366bb7e8f9f07c6
SHA256: 4979935b585e0fbafc28b997b2ba22bc52ae9ff4b9e1dfaf2a0ed93f7603ae5d
SHA512: f3c09abc8b9e4dedd98fa2c935edfea74f72a701613394bdea1e0bee2ae20b0e879ffc1a536a37ba0450a297fc92b37ac3a9bc4f769eb3a7492dd285c836e8b4
SSDEEP: 3072:EbYCeMoUAMw0HXSI5rRWZmImxHGly5ugDD15:bCeMoUAMw0HXSIHWZmI2HGlCDx
Behavioral task: behavioral1
Sample: bb3bc7994d092c3f510327cf6e11506fe17c0d6fae9ae220de12f5928a2c185e_payload.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: bb3bc7994d092c3f510327cf6e11506fe17c0d6fae9ae220de12f5928a2c185e_payload.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
agenttesla
Protocol: ftp
Host: ftp://eu-west-1.sftpcloud.io
Port: 21
Username: dc2d3038d5c743319b4d84cc320c4fad
Password: xmFBI1ctaq8b1qv5SWZ3AOzpG1Yb6y2K
Extracted
Protocol: ftp
Host: eu-west-1.sftpcloud.io
Port: 21
Username: dc2d3038d5c743319b4d84cc320c4fad
Password: xmFBI1ctaq8b1qv5SWZ3AOzpG1Yb6y2K
Targets
Target: bb3bc7994d092c3f510327cf6e11506fe17c0d6fae9ae220de12f5928a2c185e_payload.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.