General
Target: tmpzy0dojkx
Size: 1017KB
Sample: 240523-2yzzdsce89
MD5: 878fd5327849df4d7db69cf065a6c1d0
SHA1: ab7604fd7d37433acbb5b3ca51a2bcc72a9b7da4
SHA256: d2366b025581301217addaea969012e6c3f8c5c99fa1370b3ac97526da1c7dae
SHA512: 27695c68f44ae8efa60ad7ef323f50b222e4422c5d534e1aa95e18549ebcbd1e693185b822b7be095604e79ac89b335e62ee5990ea688b746f9ef52450a9b3ef
SSDEEP: 24576:6AHnh+eWsN3skA4RV1Hom2KXMmHaAHXQT9R5:Nh+ZkldoPK8YaAHXQJ
Static task: static1
Behavioral task: behavioral1
Sample: tmpzy0dojkx.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: tmpzy0dojkx.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.worlorderbillions.top
Port: 587
Username: [email protected]
Password: vqpF.#;cCodu
Email To: [email protected]
Targets
Target: tmpzy0dojkx
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Suspicious use of SetThreadContext