General
-
Target
d2196a161741acc9a33cab7859e04c625ee492f31dc96a17c57cacb2517f61c7.exe
-
Size
1.4MB
-
Sample
250107-dbywtazrht
-
MD5
870b700a93942a80deae8eafd7fef972
-
SHA1
6daf90b72e9cf81a4b31669d03d753a7b3ab83ba
-
SHA256
d2196a161741acc9a33cab7859e04c625ee492f31dc96a17c57cacb2517f61c7
-
SHA512
64a7a9db5a18bd74eb3d5b85c865dff9be2bbebe7c2db154cdb6ae068970861f25f5f31f59fec0e11f0b92055e05f2c0b61eb7ab77158b514ac1a7b952312ba7
-
SSDEEP
24576:HqDEvCTbMWu7rQYlBQcBiT6rprG8alSN/kwfyzKKQ3P6oI3apbx9:HTvC/MTQYxsWR7alSqwfyOKQ32ap9
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.pgsu.co.id - Port:
587 - Username:
[email protected] - Password:
Vecls16@Vezs - Email To:
[email protected]
Targets
-
-
Target
d2196a161741acc9a33cab7859e04c625ee492f31dc96a17c57cacb2517f61c7.exe
-
Size
1.4MB
-
MD5
870b700a93942a80deae8eafd7fef972
-
SHA1
6daf90b72e9cf81a4b31669d03d753a7b3ab83ba
-
SHA256
d2196a161741acc9a33cab7859e04c625ee492f31dc96a17c57cacb2517f61c7
-
SHA512
64a7a9db5a18bd74eb3d5b85c865dff9be2bbebe7c2db154cdb6ae068970861f25f5f31f59fec0e11f0b92055e05f2c0b61eb7ab77158b514ac1a7b952312ba7
-
SSDEEP
24576:HqDEvCTbMWu7rQYlBQcBiT6rprG8alSN/kwfyzKKQ3P6oI3apbx9:HTvC/MTQYxsWR7alSqwfyOKQ32ap9
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Agenttesla family
-
Suspicious use of SetThreadContext
-