General
Target: 31b5427b86d6f1e9b200d17ebdadeb84e2e58bbb5046b4dba9c5050c0f47ace6
Size: 238KB
Sample: 241031-1f33navqcn
MD5: 232be6f79d5197ab3a7378bbababcc06
SHA1: 1c2523b16c3e35c230bee71ddf8f251c91a663c2
SHA256: 31b5427b86d6f1e9b200d17ebdadeb84e2e58bbb5046b4dba9c5050c0f47ace6
SHA512: 38f66b6096969cba611dfa7dc8740c9a1e173192cd57dbbfc53a51a9cd43ac37feba3f500ca73ff7e815fc5183478d093b220da0c617eff6498a8ca39b70c6bf
SSDEEP: 3072:evi8wEgsvHLVLWIrnAU/HW6T2Kt6DL5A9g9icVY:Ui8wEgsvHLVLW4nAU/pt6Dgg9
Behavioral task
Task: behavioral1
Sample: 31b5427b86d6f1e9b200d17ebdadeb84e2e58bbb5046b4dba9c5050c0f47ace6.exe
Resource: win7-20241010-en
Malware Config
Extracted
agenttesla
Protocol: ftp
Host: ftp://ftp.stingatoareincendii.ro
Port: 21
Username: [email protected]
Password: Q-1HmWsBJgRe
Extracted
Protocol: ftp
Host: ftp.stingatoareincendii.ro
Port: 21
Username: [email protected]
Password: Q-1HmWsBJgRe
Targets
Target: 31b5427b86d6f1e9b200d17ebdadeb84e2e58bbb5046b4dba9c5050c0f47ace6
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.

Agenttesla family

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.