General
-
Target
c075f176b8b22e58f075616a4f8cdc8bda29190b9799b70a1ec072aee95d4c54
-
Size
535KB
-
Sample
240523-cxzjssag63
-
MD5
a9239e394b0d873e78af4d427adba27b
-
SHA1
29012f648fb42e7e532467a77a0b4f6a83404527
-
SHA256
c075f176b8b22e58f075616a4f8cdc8bda29190b9799b70a1ec072aee95d4c54
-
SHA512
64d32b342b2e39a66408df95b5df569dd900e4c5dbaea92db450220fb2cb09e1b1cf12d60e6e29faa2f9a82232261c7cc308bb2741e3471a784962ee6cc8859f
-
SSDEEP
12288:VYV6MorX7qzuC3QHO9FQVHPF51jgcxqLbJd3OwnBrhGlbL:KBXu9HGaVHYJ9XJGf
Behavioral task
behavioral1
Sample
c075f176b8b22e58f075616a4f8cdc8bda29190b9799b70a1ec072aee95d4c54.exe
Resource
win7-20240508-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
us2.smtp.mailhostbox.com - Port:
587 - Username:
[email protected] - Password:
aYl@txL3 - Email To:
[email protected]
Targets
-
-
Target
c075f176b8b22e58f075616a4f8cdc8bda29190b9799b70a1ec072aee95d4c54
-
Size
535KB
-
MD5
a9239e394b0d873e78af4d427adba27b
-
SHA1
29012f648fb42e7e532467a77a0b4f6a83404527
-
SHA256
c075f176b8b22e58f075616a4f8cdc8bda29190b9799b70a1ec072aee95d4c54
-
SHA512
64d32b342b2e39a66408df95b5df569dd900e4c5dbaea92db450220fb2cb09e1b1cf12d60e6e29faa2f9a82232261c7cc308bb2741e3471a784962ee6cc8859f
-
SSDEEP
12288:VYV6MorX7qzuC3QHO9FQVHPF51jgcxqLbJd3OwnBrhGlbL:KBXu9HGaVHYJ9XJGf
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-