General
-
Target
47a6d649b918a7a00365351a872563afacbb744a7c0e3f2daa2edffd91bd3a5a
-
Size
718KB
-
Sample
250115-bpy3mawkdx
-
MD5
189df4d886ce158af73e5b17e71a5855
-
SHA1
21457dfa6c0bd2fc3c261fe37d86eb4e6ea9d61a
-
SHA256
47a6d649b918a7a00365351a872563afacbb744a7c0e3f2daa2edffd91bd3a5a
-
SHA512
1432ac6b5b3e0f0432e96b5e89cb90246d0395c0fef7eb2a0cea6c85f3b56c136f7d1563e781666330653fb3ddb9277744ef7342904437d5445daa5bb5c3d17f
-
SSDEEP
12288:CfxYRxA4Y5lyA/BxSPCmkBbyT9x/GjvEN5229d5pX28sEd1tEmuMDadW2zywof++:3ReUSjC522v5p1N1mmuMDadvzyBz
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.thelamalab.com - Port:
587 - Username:
[email protected] - Password:
Thel@malab@20!9 - Email To:
[email protected]
Targets
-
-
Target
47a6d649b918a7a00365351a872563afacbb744a7c0e3f2daa2edffd91bd3a5a
-
Size
718KB
-
MD5
189df4d886ce158af73e5b17e71a5855
-
SHA1
21457dfa6c0bd2fc3c261fe37d86eb4e6ea9d61a
-
SHA256
47a6d649b918a7a00365351a872563afacbb744a7c0e3f2daa2edffd91bd3a5a
-
SHA512
1432ac6b5b3e0f0432e96b5e89cb90246d0395c0fef7eb2a0cea6c85f3b56c136f7d1563e781666330653fb3ddb9277744ef7342904437d5445daa5bb5c3d17f
-
SSDEEP
12288:CfxYRxA4Y5lyA/BxSPCmkBbyT9x/GjvEN5229d5pX28sEd1tEmuMDadW2zywof++:3ReUSjC522v5p1N1mmuMDadvzyBz
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Agenttesla family
-
Suspicious use of SetThreadContext
-