General
Target: 28c98f3cff658f5e1f7ec46440ae86437480500ff88916d5e5c163e13bbafa05
Size: 825KB
Sample: 241009-rngd7a1dlh
Static task: static1
Behavioral task: behavioral1
Sample: Proforma Invoice NOCAP PLASTIK AMBALAJ.exe
Resource: win7-20240704-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: bezelety.top
Port: 587
Username: [email protected]
Password: IxF(..bSed6k
Email To: [email protected]
Targets
Target: Proforma Invoice NOCAP PLASTIK AMBALAJ.exe
Size: 1.2MB
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Suspicious use of SetThreadContext