General
-
Target
Transferencia de pago___________.exe
-
Size
1018KB
-
Sample
250701-jcjq6stjs7
-
MD5
53fd241075e84f769eaef4517681e43f
-
SHA1
fde83070f211e5a6b7c9981381dff5a3a8ba2cc6
-
SHA256
713d6000105067014ff9fa66e412f7463c6b7c9e6a2d4a4e34a72b28b523ef55
-
SHA512
f1704d6fdf88482cda6219f5f059581e7240b467d8961fbe9f2cca8826e3028b7428012de8ede58319e52ffd5a122dbd97128bf6da023765e6b5b70e7c521db1
-
SSDEEP
24576:PuE0Vsb8ImfhQ8IryCw0Ijm8IryCw0Ij:WPVC8phQ8IrJ4C8IrJ4
Static task
static1
Behavioral task
behavioral1
Sample
Transferencia de pago___________.exe
Resource
win10v2004-20250619-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: mail.mensajeriadinamica.mx
Port: 587
Username: [email protected]
Password: M3ns47139
Email To: [email protected]
Targets
-
-
Target
Transferencia de pago___________.exe
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Agenttesla family
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-