General
-
Target
75161481daf8f70878df76af6d4430a953329143ceb18f31663c94bc85263044
-
Size
880KB
-
Sample
241122-brrfka1nbz
-
MD5
d78de3e8bf46c086d9fce186f01819eb
-
SHA1
3bb370bff2449c2af73110a4f9df28090791947c
-
SHA256
75161481daf8f70878df76af6d4430a953329143ceb18f31663c94bc85263044
-
SHA512
1db2d94c638010d21169fcbc61bb8c180854d7708d30f3c457b1e352ac025da53c11540a1cb9687a8ded3aacc7436aac1d2306d462bf4b1f3072ba50ff595624
-
SSDEEP
12288:/YA6tgpBhpj670qFNGrVmWKybvjIVbg/okXUM3O1b13gCQDL5IxNbToBfATE5:/4gFpu7dNgXRvZ5n3O1R45+oBfATE
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.sajbh.com - Port:
587 - Username:
[email protected] - Password:
Saj@2014 - Email To:
[email protected]
Targets
-
-
Target
75161481daf8f70878df76af6d4430a953329143ceb18f31663c94bc85263044
-
Size
880KB
-
MD5
d78de3e8bf46c086d9fce186f01819eb
-
SHA1
3bb370bff2449c2af73110a4f9df28090791947c
-
SHA256
75161481daf8f70878df76af6d4430a953329143ceb18f31663c94bc85263044
-
SHA512
1db2d94c638010d21169fcbc61bb8c180854d7708d30f3c457b1e352ac025da53c11540a1cb9687a8ded3aacc7436aac1d2306d462bf4b1f3072ba50ff595624
-
SSDEEP
12288:/YA6tgpBhpj670qFNGrVmWKybvjIVbg/okXUM3O1b13gCQDL5IxNbToBfATE5:/4gFpu7dNgXRvZ5n3O1R45+oBfATE
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Agenttesla family
-
AgentTesla payload
-
Suspicious use of SetThreadContext
-