General
-
Target
b02ae5b76c4d4b2c4044d600b2f2c28aba4aab0ace09cba6549ff68600e69afc.exe
-
Size
705KB
-
Sample
241123-h4dtka1kdx
-
MD5
9cf4c694007e67e74575cbc7d06398ce
-
SHA1
17bac01c461295c5a52a0aa08d6926a0973b2a8c
-
SHA256
b02ae5b76c4d4b2c4044d600b2f2c28aba4aab0ace09cba6549ff68600e69afc
-
SHA512
d29b77eceb90812d3280b538cc10d3c4426bc7bb7a625ede1754fb9c75d41d226a356999fa50ca94bbb07b1580efdce36ab04293f00e2c2763881508579ab48b
-
SSDEEP
12288:uSqbw0ydlJVJdN3YTgVbyONZIBuYJgKuONF+5SGZTt+0H3eHw06a+y/oozUWCdEd:/pPCTlONEu0ruOq6w3wjD
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.topfrozenfoodbrand.com - Port:
587 - Username:
[email protected] - Password:
Chukwudim28@ - Email To:
[email protected]
Targets
-
-
Target
b02ae5b76c4d4b2c4044d600b2f2c28aba4aab0ace09cba6549ff68600e69afc.exe
-
Size
705KB
-
MD5
9cf4c694007e67e74575cbc7d06398ce
-
SHA1
17bac01c461295c5a52a0aa08d6926a0973b2a8c
-
SHA256
b02ae5b76c4d4b2c4044d600b2f2c28aba4aab0ace09cba6549ff68600e69afc
-
SHA512
d29b77eceb90812d3280b538cc10d3c4426bc7bb7a625ede1754fb9c75d41d226a356999fa50ca94bbb07b1580efdce36ab04293f00e2c2763881508579ab48b
-
SSDEEP
12288:uSqbw0ydlJVJdN3YTgVbyONZIBuYJgKuONF+5SGZTt+0H3eHw06a+y/oozUWCdEd:/pPCTlONEu0ruOq6w3wjD
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Agenttesla family
-
AgentTesla payload
-
Suspicious use of SetThreadContext
-