General
Target: 450cbaf3ba2178d2ecde3158710066ad71a7d1b17130f29bac92b3414679d46cN
Size: 1.1MB
Sample: 241008-yl2exazelr
MD5: a5119234440dadd893b250ab5f3c2900
SHA1: c5e5d7080e57dbd0e577e6b43e7fdaf04362877e
SHA256: 450cbaf3ba2178d2ecde3158710066ad71a7d1b17130f29bac92b3414679d46c
SHA512: acb65d602a6d4dba63b12a551268081eca401190cb1bd1c876668cb30a5fcbc4ed6d7445efef4dac438f0a03cfd938ccddca4943e2b3b886b773cb25844f2c12
SSDEEP: 12288:ALkcoxg7v3qnC11ErwIhh0F4qwUgUny5QbWhsTCaoo1cSkQbb1Wkp1GyprPlMFug:WfmMv6Ckr7Mny5QbX4o6uHMU17pouMfD
Static task: static1
Behavioral task: behavioral1
Sample: 450cbaf3ba2178d2ecde3158710066ad71a7d1b17130f29bac92b3414679d46cN.exe
Resource: win7-20240903-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.pgsu.co.id
Port: 587
Username: [email protected]
Password: Vecls16@Vezs
Email To: [email protected]
Targets
Target: 450cbaf3ba2178d2ecde3158710066ad71a7d1b17130f29bac92b3414679d46cN
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Suspicious use of SetThreadContext