General
Target: 4826b5445a2bd7a2ad98903799571102a3f8a03b835f913a4ef9e3a67b8b08c8
Size: 615KB
Sample: 240523-czex6sah34
MD5: c7e97f90711ca0b0513e4eebae0781f8
SHA1: 1da9ccf6cbc0fc87bc82fa8aa75abd16681af324
SHA256: 4826b5445a2bd7a2ad98903799571102a3f8a03b835f913a4ef9e3a67b8b08c8
SHA512: 01b90577bf7992733d90b53f46c086c51467f840b459b69475cd3fcb26f7f0c24d188261a22f4d28eb668c420d9fd4f4acbedc4e461c602012faf3d7add04016
SSDEEP: 12288:cSHXKxbR9kjaX0ujKlppa4ji49B/WIGBdLuhv9/WqcLjb4Oa2Q:9HXK5wa6bpa4jJ2IsyhV/WqS1a1
Static task: static1
Behavioral task: behavioral1
Sample: 4826b5445a2bd7a2ad98903799571102a3f8a03b835f913a4ef9e3a67b8b08c8.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 4826b5445a2bd7a2ad98903799571102a3f8a03b835f913a4ef9e3a67b8b08c8.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
agenttesla
Protocol: ftp
Host: ftp://files.000webhost.com
Port: 21
Username: tain77
Password: Computer@666
Targets
Target: 4826b5445a2bd7a2ad98903799571102a3f8a03b835f913a4ef9e3a67b8b08c8
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Suspicious use of SetThreadContext