General
-
Target
79949f815e4110d4484b8f1d51efd3bf214843e27e34cf5902f91142b2f98922
-
Size
1.3MB
-
Sample
241031-bpv1zawejr
-
MD5
7ca661347fc83341919af2bc10827f55
-
SHA1
f0f4528ea4f89c058d702da171d116cc5e3f5057
-
SHA256
79949f815e4110d4484b8f1d51efd3bf214843e27e34cf5902f91142b2f98922
-
SHA512
31e9a69f1c10ece2b4da4c5dc25e7f32200ed58b1bf9f8b734753c9e2e54318c8c413ac471cbc08a04fa74416da1129f4c8e737f970f2277966c8715dcd5973a
-
SSDEEP
24576:tqDEvCTbMWu7rQYlBQcBiT6rprG8aBVpyLgZi2giZ/yMu6OkTB87F9nwRV7vrr:tTvC/MTQYxsWR7aBOuZ/yMBOqe7jnsJ
Static task
static1
Behavioral task
behavioral1
Sample
79949f815e4110d4484b8f1d51efd3bf214843e27e34cf5902f91142b2f98922.exe
Resource
win7-20240903-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: srv.masternic.net
Port: 587
Username: [email protected]
Password: -H{2Szxi!%qb
Email To: [email protected]
Targets
-
-
Target
79949f815e4110d4484b8f1d51efd3bf214843e27e34cf5902f91142b2f98922
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Agenttesla family
-
Suspicious use of SetThreadContext
-