General
-
Target
e393c90747e935149ecabf5af936a07a.exe
-
Size
1.1MB
-
Sample
241010-at2hwaxgnl
-
MD5
e393c90747e935149ecabf5af936a07a
-
SHA1
2142b77e3d70dc270461a9f474e28be74b431f4c
-
SHA256
aa896f6d492af898ab32fcbc5096c415444b86c8cc609b14dd4b2985597a9eaa
-
SHA512
780a6b5ecb5b0e32def470c002c323faf53c1e09086543f4b4437761752d411f3b95b7ab58856e0d126c8141e275935af4f79954047c36969262b33ee77f567f
-
SSDEEP
24576:ffmMv6Ckr7Mny5QLhBlwMPSMoXh0s4fdx1eDDSE3to:f3v+7/5QLhBt63Ex1eDV9o
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.worlorderbillions.top - Port:
587 - Username:
[email protected] - Password:
ORKSEMuW*kNA - Email To:
[email protected]
Targets
-
-
Target
e393c90747e935149ecabf5af936a07a.exe
-
Size
1.1MB
-
MD5
e393c90747e935149ecabf5af936a07a
-
SHA1
2142b77e3d70dc270461a9f474e28be74b431f4c
-
SHA256
aa896f6d492af898ab32fcbc5096c415444b86c8cc609b14dd4b2985597a9eaa
-
SHA512
780a6b5ecb5b0e32def470c002c323faf53c1e09086543f4b4437761752d411f3b95b7ab58856e0d126c8141e275935af4f79954047c36969262b33ee77f567f
-
SSDEEP
24576:ffmMv6Ckr7Mny5QLhBlwMPSMoXh0s4fdx1eDDSE3to:f3v+7/5QLhBt63Ex1eDV9o
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-