General
Target: 1e1191ee798f023a97e72754823d589956402d2f2fed2c2a901d8a869bb92c0d
Size: 620KB
Sample: 241017-bsm5jaxhmm
MD5: 69442c9f9886b171bfc72fa28bcfbd1d
SHA1: ed34c1c49a534eaf349d1e0571188eb45d1bdaf7
SHA256: 1e1191ee798f023a97e72754823d589956402d2f2fed2c2a901d8a869bb92c0d
SHA512: 7f2509a58c5864a517653a5323e7e450eec2ef836eec7047862cb4fd10da2b712813cc29d4af9744da2f56d055049bfc589674bbed2e10513bd442ab1639093a
SSDEEP: 12288:G2po9uoB7CjTeJDgQsgtnfvAd6625f+lsKXYCGH9cYch+jEGrUyEGtChU:G229diTYgQsgtfYd662NaZXFwHcY0Z8r
Static task: static1
Behavioral task: behavioral1
Sample: Rozprawa sądowa zaplanowana na 25 listopada 2024 r., godz. 1130 T14090024.571.doc.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: Rozprawa sądowa zaplanowana na 25 listopada 2024 r., godz. 1130 T14090024.571.doc.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
Protocol: ftp
Host: ftp.aminhacorretora.com.br
Port: 21
Username: [email protected]
Password: _yA=,M5*J?KH
Extracted
agenttesla
Protocol: ftp
Host: ftp://ftp.aminhacorretora.com.br
Port: 21
Username: [email protected]
Password: _yA=,M5*J?KH
Targets
Target: Rozprawa sądowa zaplanowana na 25 listopada 2024 r., godz. 1130 T14090024.571.doc.exe
Size: 814KB
MD5: c6ad6edfa92898ce230177f0ecb4890c
SHA1: 49b4e85cbf95afab5be60b3272370886418d64e9
SHA256: 872f1970c19bbf2031fe43f9ed034f1edd2763e6ecda2de368336da3312d8463
SHA512: 3865985334c5ac7a62f8cace759d2dcd13f8217472d9f3205eceaa0a418d1663f0f60826341ad569e4eeff22da86b1af80b49df8d4598e6e7b816c06113d8a6a
SSDEEP: 12288:etc3yuZG8+De1kIse8LRWjrZCollIoNE8kOZu3OvK541rViCm:etc3yuZGVteKRyjl6ik4COvy41rV
- AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
- Accesses Microsoft Outlook profiles
- Suspicious use of SetThreadContext