General
-
Target
15e4f631a87301196f8f743de54b6afae297e04885b225b01468f6a1957a866d
-
Size
1.9MB
-
Sample
250114-b556wasrgz
-
MD5
323330e3bda6a6f7bfba0eb491306627
-
SHA1
3d3720390e31110af620f91f4ae5ecae840d110a
-
SHA256
15e4f631a87301196f8f743de54b6afae297e04885b225b01468f6a1957a866d
-
SHA512
ea9575481313a85dd4f7588288cacf4077f312b1d99f18e18921b28169d3db51e7606e8d2967e22b4e98bd8b03a109c2a3a40a5068185bf15fdee07db6791efd
-
SSDEEP
24576:VhBi1SINnwNiyhfdLZJDkEC71f3RTsed5OGQT/1/0INb5cGY1iQ1drJ+hu3A8K/9:VUR8nLZJDkE/YQ4AjLoyEkmZ9Y14
Static task
static1
Behavioral task
behavioral1
Sample
15e4f631a87301196f8f743de54b6afae297e04885b225b01468f6a1957a866d.exe
Resource
win7-20240903-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: smtp.curnic.com
Port: 587
Username: [email protected]
Password: TiqEDNO8
Targets
-
-
Target
15e4f631a87301196f8f743de54b6afae297e04885b225b01468f6a1957a866d
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Agenttesla family
-
AgentTesla payload
-
Suspicious use of SetThreadContext
-