General
-
Target
e8d6b276a7c25113dbe45e4f2a35ea7e9095b4a7ba189af29481d5cfcdf0fd2a
-
Size
1.1MB
-
Sample
241223-bp9t5atlfq
-
MD5
2f3cdcec9cd413b4275b90eaf8b3beb7
-
SHA1
b2255b49cff673dbe6ba36a33894f2b4dda8bc24
-
SHA256
e8d6b276a7c25113dbe45e4f2a35ea7e9095b4a7ba189af29481d5cfcdf0fd2a
-
SHA512
dfc674c023e3fce9fbced360187c73683e54ca2aa6b9d41cfd9cfe30b9c44905dfa95b5ecedbc1a39abe241a894753622cb352396a3a1362a4d7b924f6112c37
-
SSDEEP
24576:NqDEvCTbMWu7rQYlBQcBiT6rprG8a1fjDXuX1v:NTvC/MTQYxsWR7a1f3XuX1
Static task
static1
Behavioral task
behavioral1
Sample
e8d6b276a7c25113dbe45e4f2a35ea7e9095b4a7ba189af29481d5cfcdf0fd2a.exe
Resource
win7-20240903-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: srv.masternic.net
Port: 587
Username: [email protected]
Password: -H{2Szxi!%qb
Email To: [email protected]
Targets
-
Target
e8d6b276a7c25113dbe45e4f2a35ea7e9095b4a7ba189af29481d5cfcdf0fd2a
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Agenttesla family
-
Suspicious use of SetThreadContext
-