General
-
Target
a59a4f8e7ffe8236080c5c8e913ea975fee4e4855e1812470397963c914707d2
-
Size
1.0MB
-
Sample
240609-n7llgaac7y
-
MD5
19c05632c05ff18a836637b0ef2c6578
-
SHA1
10d82e288386a1c6a3f6c4f1cac103d66dcab063
-
SHA256
a59a4f8e7ffe8236080c5c8e913ea975fee4e4855e1812470397963c914707d2
-
SHA512
22cc422724307bccb9288f736eb583658a8e4053401f8331dca991f58c441cac059d7dc6848d7febf3db3bbbd5fc4744669738207ce258f5ae4ecefdec18be44
-
SSDEEP
24576:mAHnh+eWsN3skA4RV1Hom2KXMmHaQmxpKoQUOkAsAzVP5:Bh+ZkldoPK8YaQ44mA1
Static task
static1
Behavioral task
behavioral1
Sample
a59a4f8e7ffe8236080c5c8e913ea975fee4e4855e1812470397963c914707d2.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a59a4f8e7ffe8236080c5c8e913ea975fee4e4855e1812470397963c914707d2.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.beralb.al - Port:
587 - Username:
[email protected] - Password:
Alija@2015 - Email To:
[email protected]
Targets
-
-
Target
a59a4f8e7ffe8236080c5c8e913ea975fee4e4855e1812470397963c914707d2
-
Size
1.0MB
-
MD5
19c05632c05ff18a836637b0ef2c6578
-
SHA1
10d82e288386a1c6a3f6c4f1cac103d66dcab063
-
SHA256
a59a4f8e7ffe8236080c5c8e913ea975fee4e4855e1812470397963c914707d2
-
SHA512
22cc422724307bccb9288f736eb583658a8e4053401f8331dca991f58c441cac059d7dc6848d7febf3db3bbbd5fc4744669738207ce258f5ae4ecefdec18be44
-
SSDEEP
24576:mAHnh+eWsN3skA4RV1Hom2KXMmHaQmxpKoQUOkAsAzVP5:Bh+ZkldoPK8YaQ44mA1
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-