General
Target: 0922267f8753b91fff86d48c4c55f34ca6a3174870f1710dc05b5906bffbd3b9
Size: 766KB
Sample: 241010-crb7bazhmm
MD5: 7373e1ea9479009f5b35480bfa87e23c
SHA1: 94af1fa9d6bd4a904b41a6c273d51bf200dbf0b8
SHA256: 0922267f8753b91fff86d48c4c55f34ca6a3174870f1710dc05b5906bffbd3b9
SHA512: 739ab89dd51300d668e8134721e1aa78e2b248c1da498d780c24fe4e48fc546f8fc1b6b7c1ff9c153c019511afc30bbba76f7d8170123507889f9995b5ff636e
SSDEEP: 12288:W9zUnhegqsJkQ3fOASKD1T45l3+0CMx57LMax5VdXY/8b7Q6cetcl8enJ6vDLe:WZUhDqc3fOTEe5l3esQO50/u7Qbetclj
Static task: static1
Behavioral task: behavioral1
Sample: IMG.exe
Resource: win7-20240708-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.pgsu.co.id
Port: 587
Username: [email protected]
Password: Vecls16@Vezs
Email To: [email protected]
Targets
Target: IMG.exe
Size: 1.1MB
MD5: a25be644a741a4e7d4b0bd923df5eb12
SHA1: 90af028d290fe429dba201d7126eb6e11e18684c
SHA256: b59f02642cdef63a4fa316448b0d464bce8f5e2625cb28fb29994dd198f87215
SHA512: 1684e85a453f1570cd411081912e3ab5c45ef577fb7cf25c2aa902f21df3b5ad4383e4ad62d3ab9b76a1313f8dfc3c64639c86f29b60ee032d492f56eac5e4c7
SSDEEP: 12288:ALkcoxg7v3qnC11ErwIhh0F4qwUgUny5Qb9GTNaIpg6E7iwXNMEYSpliZwAxSSII:WfmMv6Ckr7Mny5Qb0IIpqewtXbEwAjei
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.

Suspicious use of SetThreadContext