General
-
Target
9271b8f559cbdaa8270abd63bde1621f8c2a494e6e244d014d07098b8f724e07
-
Size
618KB
-
Sample
241017-bmvmesxeqq
-
MD5
ca0f0d415c787c7463af62b93673af9e
-
SHA1
efaddb5afcbc322c49384d16d6ee79fd31a50967
-
SHA256
9271b8f559cbdaa8270abd63bde1621f8c2a494e6e244d014d07098b8f724e07
-
SHA512
07602e5024129775abca96afe26951e3fa66c2ed94ba0b6f53af7c34c0ffcf396fe704e67d750b0faf5bc2b2c572893bff45ddec7ab06b7a118bfd5fe59007ee
-
SSDEEP
12288:Ips1Li297yoONx7bODNR6cXZnFuLhbpNjBn7ShD7EPi2LQFjPQNph+L8AA1:IpwlWDNE36MnFuNpNjVShDKilebOU
Malware Config
Extracted
agenttesla
Protocol: ftp- Host:
ftp://ftp.aminhacorretora.com.br - Port:
21 - Username:
[email protected] - Password:
_yA=,M5*J?KH
Targets
-
-
Target
Rozprawa sądowa zaplanowana na 25 listopada 2024 r., godz. 1130 T14050024.971.doc.exe
-
Size
812KB
-
MD5
6142aad778dc57ae2ecfe036c2d11c4e
-
SHA1
73d3b45ab4812f445b6cf1c58ea7b7fdf47295a8
-
SHA256
325f8b7cb5f2bd3c93b6052bc44407c878feef638ed6303b9385185b05ac3f67
-
SHA512
5f4fd5212843e106ce21bebcc0776bb8647cd83de9a07e9b50ac6bbec72947b5eb288ba12a19685e9c238bc69ee4b8133fd05e7cf5797b40db2fb0269480ec3b
-
SSDEEP
12288:mB3yuZG8+De1kIse8LRWjrZCollIoNE8kzZu3vvK541rs:mB3yuZGVteKRyjl6ik1Cvvy41rs
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-