General
-
Target
c0769eda1a48670bdb7448ce23f64e9bf8baa22beeb4219519fa7a8c08ac79f3.exe
-
Size
664KB
-
Sample
241123-z2sclswrcx
-
MD5
d58738b885463c6672587047f807e71c
-
SHA1
da66f4c170f18464649a49283d6f98b155860d34
-
SHA256
c0769eda1a48670bdb7448ce23f64e9bf8baa22beeb4219519fa7a8c08ac79f3
-
SHA512
bf9e0fd98e959db0cf709b256ace7656d0c21c1600ab835818101eafc06033822bd4b5395255f42181594f6e02dbf8c1aaf5d23b9c5942a0ef762c71095d6c03
-
SSDEEP
12288:bTTZwuRQkpetFgVAv3Lq0i9XwszH7oNVZkm5VQ3uFRA6uTGbW+0JI0:bTikp2rq0KAszboNR7A5+WB
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
smtp.privateemail.com - Port:
587 - Username:
[email protected] - Password:
Everest10
Targets
-
-
Target
c0769eda1a48670bdb7448ce23f64e9bf8baa22beeb4219519fa7a8c08ac79f3.exe
-
Size
664KB
-
MD5
d58738b885463c6672587047f807e71c
-
SHA1
da66f4c170f18464649a49283d6f98b155860d34
-
SHA256
c0769eda1a48670bdb7448ce23f64e9bf8baa22beeb4219519fa7a8c08ac79f3
-
SHA512
bf9e0fd98e959db0cf709b256ace7656d0c21c1600ab835818101eafc06033822bd4b5395255f42181594f6e02dbf8c1aaf5d23b9c5942a0ef762c71095d6c03
-
SSDEEP
12288:bTTZwuRQkpetFgVAv3Lq0i9XwszH7oNVZkm5VQ3uFRA6uTGbW+0JI0:bTikp2rq0KAszboNR7A5+WB
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Agenttesla family
-
AgentTesla payload
-
Suspicious use of SetThreadContext
-