General
-
Target
JaffaCakes118_1c24baf2b436de2ef1594beb365a6898
-
Size
1.5MB
-
Sample
250704-ntlpbasmy7
-
MD5
1c24baf2b436de2ef1594beb365a6898
-
SHA1
b2f89df75dae4872d8def81a798f9444c0729596
-
SHA256
3db403fbe2dd969e2fc07bfdf1bcdcbd1429d9fb0cda0464f7ea6c59e21cc10e
-
SHA512
6e05c3307f1048f960ebc8d844b3e8607ed675c30e3a63298229dffd120bbe48a5be466399fa8f52486cbf6b74b6f374f1cd9c2b61291774f88404d701115b68
-
SSDEEP
12288:TdNtAu7hVLMmF+9rIMbifOPVrtcx+j4KiEQnhdnIHoQZHFdOeruY4Pw:lAuppbfOdsy41hXcZHFnCY44
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_1c24baf2b436de2ef1594beb365a6898.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
JaffaCakes118_1c24baf2b436de2ef1594beb365a6898.exe
Resource
win11-20250619-en
Malware Config
Extracted
agenttesla
- Protocol: smtp
- Host: smtp.reliable-solutions.in
- Port: 587
- Username: [email protected]
- Password: Temp@2019
Targets
-
-
Target
JaffaCakes118_1c24baf2b436de2ef1594beb365a6898
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Agenttesla family
-
AgentTesla payload
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-