General
Target: e170bebe3458c6c905e077474fb156f84b43d77cc3adb285ab953d06402f0566
Size: 1.1MB
Sample: 241114-mjbwpa1pel
MD5: 5cfc07742288131240451676640632cc
SHA1: 64c904eb85a92a186171c9ae17b6d537cd4102d9
SHA256: e170bebe3458c6c905e077474fb156f84b43d77cc3adb285ab953d06402f0566
SHA512: be710e136cc632dcafe1968daf283ee7103b3e92b48649c9a7b7775160752304e90f044f6ed714ddd569f8244d91c7af7306d7918249e6ef875275523de1b977
SSDEEP: 24576:ffmMv6Ckr7Mny5QLB6VPB74iSdTN8LFDAS2m:f3v+7/5QLBAP2XkFDAbm
Static task: static1
Behavioral task: behavioral1
Sample: e170bebe3458c6c905e077474fb156f84b43d77cc3adb285ab953d06402f0566.exe
Resource: win7-20240903-en
Malware Config
Extracted
agenttesla
Protocol: ftp
Host: ftp://backup.smartape.ru
Port: 21
Username: user894492
Password: w6NZOdcSkH1a
Targets
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Agenttesla family
Suspicious use of SetThreadContext