General
-
Target
6feff3a8bf84aaa1364daedf7bfb72e6_JaffaCakes118
-
Size
282KB
-
Sample
240524-1ytxpsda22
-
MD5
6feff3a8bf84aaa1364daedf7bfb72e6
-
SHA1
3d428c810b487d9729e4c49802350930b04b2862
-
SHA256
3d01ff473ee7f0b842e34003a92b7c862f7ffed9b16700c03e00de70c7c3e431
-
SHA512
74e7107d17492cc67e322594494a4089fff690cb8a0e449d0936b03a2b432c51bcf852bb208df23559d91273525050b62a6ff91d78fadf4be414bff5059314aa
-
SSDEEP
6144:5IUHZIuUj87QNjeEnBeIsjGAY71bNpoHm5JbE:bH6Z87uisstYFL
Behavioral task
behavioral1
Sample
6feff3a8bf84aaa1364daedf7bfb72e6_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6feff3a8bf84aaa1364daedf7bfb72e6_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
smtp.sclooke.com - Port:
587 - Username:
[email protected] - Password:
Ay(jdmW7
Targets
-
-
Target
6feff3a8bf84aaa1364daedf7bfb72e6_JaffaCakes118
-
Size
282KB
-
MD5
6feff3a8bf84aaa1364daedf7bfb72e6
-
SHA1
3d428c810b487d9729e4c49802350930b04b2862
-
SHA256
3d01ff473ee7f0b842e34003a92b7c862f7ffed9b16700c03e00de70c7c3e431
-
SHA512
74e7107d17492cc67e322594494a4089fff690cb8a0e449d0936b03a2b432c51bcf852bb208df23559d91273525050b62a6ff91d78fadf4be414bff5059314aa
-
SSDEEP
6144:5IUHZIuUj87QNjeEnBeIsjGAY71bNpoHm5JbE:bH6Z87uisstYFL
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
AgentTesla payload
-
Accesses Microsoft Outlook profiles
-