General
-
Target
ee4264550955e8a80dd264452201d0ebe643e15a76d4556478b79d182302ca6e
-
Size
233KB
-
Sample
240727-bpap2axekk
-
MD5
22bd318ec130ab882188e169d16947aa
-
SHA1
e2bdd0787e7804f31db2cd0320f238d8678e50fa
-
SHA256
ee4264550955e8a80dd264452201d0ebe643e15a76d4556478b79d182302ca6e
-
SHA512
cedf48e9d1b1aee995311537fec7de21003b95702246f8b3fc4f7327cc78ab61f7e46bc6597dcfd480e9ce1aa674725b7ac55081d28737df9eecd6b9f0743d0a
-
SSDEEP
3072:MNBzWSOyGpi+RR6uBDUHbx0FO13G35wQGaQaj:iBzWSOyGpi+RR6uBOaFO13GpGe
Behavioral task
behavioral1
Sample
ee4264550955e8a80dd264452201d0ebe643e15a76d4556478b79d182302ca6e.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ee4264550955e8a80dd264452201d0ebe643e15a76d4556478b79d182302ca6e.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
agenttesla
Protocol: ftp
Host: ftp://ftps4.us.freehostia.com
Port: 21
Username: alamah13
Password: 8yB4zILn1@
Extracted
Protocol: ftp
Host: ftps4.us.freehostia.com
Port: 21
Username: alamah13
Password: 8yB4zILn1@
Targets
-
-
Target
ee4264550955e8a80dd264452201d0ebe643e15a76d4556478b79d182302ca6e
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious access to, or copying of, the web browser credential store.
-