General
Target: ProformaInvoiceNOCAPPLASTIKAMBALA.exe
Size: 1.3MB
Sample: 241010-j93kjssaqc
MD5: c7fb6725bbf7e2e883bfe1488d74efa5
SHA1: f425f58b4a7ff62387097cc2d9f0d06825199d45
SHA256: 29ad011f94abd2adefafa15ecc4c8d842afa3113bd5359384b03891ae36ac8b5
SHA512: a4471b63d238eb307ef0805e4ec5d23a6a9e616ccb99142e678baa3a13adef244798ac19766207f521141ca567edb24a7fd87107aa39b1c4ad8a9930be9e851b
SSDEEP: 24576:6fmMv6Ckr7Mny5QyjT/ij2W9/KZZSMbL8hN0pz:63v+7/5QyjT/c2WY7bQWz
Static task: static1
Behavioral task: behavioral1
Sample: ProformaInvoiceNOCAPPLASTIKAMBALA.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ProformaInvoiceNOCAPPLASTIKAMBALA.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: bezelety.top
Port: 587
Username: [email protected]
Password: IxF(..bSed6k
Email To: [email protected]
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Suspicious use of SetThreadContext
-