General
-
Target
6bff1f6877137156e2a19e77b0707950d54b3029b498525751662fab93ef50ef
-
Size
777KB
-
Sample
240923-v8kh5aycre
-
MD5
04be30cb524f7a0fd5af3c11e8c69498
-
SHA1
9b88ce3943c3b60025e949a07969bf55777a8bfd
-
SHA256
6bff1f6877137156e2a19e77b0707950d54b3029b498525751662fab93ef50ef
-
SHA512
ba5ad1caf4115539e3e297d58013a6007f7632f00f00da178554f56a917102d8156db7da95e7a54283e618982b42fb686a9690ae4b246274e148735240315ba4
-
SSDEEP
12288:2O5fOOk5j+gm3tOYApRq5HwAoDWlTo8muTEwi2Joe1nftGTuqoD7Q/QIWR:pjdODpRaQAVlT3y2JNnRfw/SR
Static task
static1
Behavioral task
behavioral1
Sample
sty.exe
Resource
win7-20240903-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.pgsu.co.id
Port: 587
Username: [email protected]
Password: Vecls16@Vezs
Email To: [email protected]
Targets
-
-
Target
sty.exe
-
Size
1.2MB
-
MD5
e7d6e3e36391ceb141c048cf86315cae
-
SHA1
5802e26df7f9ed76c903ef0768b73d089df4bd25
-
SHA256
dfc6d6f21cec3f0cb8ff4bb1b6fafc995edc51f3d72bf47ad1c2a916a3e78c68
-
SHA512
8249785956cb20138861f6fa31d320dad1a5b927156aff34a48947d49a73ce0f747b39fb88bc52950374d57163e8480976f44753ba9f7b535b09b34b2ea477cb
-
SSDEEP
24576:pRmJkcoQricOIQxiZY1iaJaJStVVvKtV0iHSxZpf:mJZoQrbTFZY1iaJaJw8taYapf
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Suspicious use of SetThreadContext
-