General
-
Target
SecuriteInfo.com.Win32.PWSX-gen.1293.27347.exe
-
Size
619KB
-
Sample
240619-ka911sxcnf
-
MD5
62d02b130655bbeb8b0097d3c3024581
-
SHA1
2dcae5f9ec71bc766c5467d15aae0ced903df207
-
SHA256
5f53f29acdf74a080f30ef950146b680b8e1e779ea69d3f5c4c4556d8eef1073
-
SHA512
4bb8d022bff761b900b788ec77e56b3bde51c9fe571718c3705c80eef83014d1339b1bd449ebcf722021463d38b460e344caca64aa557fac30d0f30d091675e3
-
SSDEEP
12288:x8ppCziKVmoFTjzFAiWVo9jO4TFhRmWlv/3nZEoqEogXBwjoj7D:Kpp8iKB3+zVZEoOXyEjB2w
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.PWSX-gen.1293.27347.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win32.PWSX-gen.1293.27347.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: emidco.com
Port: 587
Username: [email protected]
Password: DMmpPxx9c
Email To: [email protected]
Targets
-
-
Target
SecuriteInfo.com.Win32.PWSX-gen.1293.27347.exe
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Suspicious use of SetThreadContext
-