General
-
Target
1fab9e0ce7b45bbe988953cdf0febbef70425f38775be67f2b39b20f3d0a558a.exe
-
Size
1.1MB
-
Sample
241112-k4kyzszakp
-
MD5
b4f872c582516216424cb0006d3b850d
-
SHA1
f7d4bb9d81ed3675af20cb63dd59916adb82cd61
-
SHA256
1fab9e0ce7b45bbe988953cdf0febbef70425f38775be67f2b39b20f3d0a558a
-
SHA512
e0aa16e651c7d77bf5070b55a5f8de0ce4252af3f0c93f7a9ac9248c4c22be3ab6a8c99b4c2f1d16c58ffd8fa9bf65a1114cb0365b06d397aea4774280d1d490
-
SSDEEP
24576:/RmJkcoQricOIQxiZY1iaYuAAA7PEpyz8lhqOGZG12o:UJZoQrbTFZY1iaYuY76ywCtZG2o
Static task
static1
Behavioral task
behavioral1
Sample
1fab9e0ce7b45bbe988953cdf0febbef70425f38775be67f2b39b20f3d0a558a.exe
Resource
win7-20240903-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: cp8nl.hyperhost.ua
Port: 587
Username: [email protected]
Password: cy+G_(979n9N
Email To: [email protected]
Targets
Target
1fab9e0ce7b45bbe988953cdf0febbef70425f38775be67f2b39b20f3d0a558a.exe
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Agenttesla family
-
Suspicious use of SetThreadContext
-