General
-
Target
Inquiry - Specifications 002021.exe
-
Size
860KB
-
Sample
210927-qmskdshag5
-
MD5
768a1127c119149f96a29c0d0c0b56ec
-
SHA1
afe86ab8d4a8b5b092e95f1cb2ae563f5ea5867d
-
SHA256
2442c3ecd04264f108429a954275ee27986e00b79cbce6d07843dfefdf4d24af
-
SHA512
9288f45ef09172b28a4fa542b2ead2a2026b910eb229859125da6bfb735e0178e7e8dcd7c4eddc590646e409ccb6e180b24813f059e7f5f161983a3b7749c672
Static task
static1
Behavioral task
behavioral1
Sample
Inquiry - Specifications 002021.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
Inquiry - Specifications 002021.exe
Resource
win10-en-20210920
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: smtp.vern-group.com
Port: 587
Username: annett.jalowi@vern-group.com
Password: HUSTLE2021
Targets
-
Target
Inquiry - Specifications 002021.exe
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla Payload
-
Suspicious use of SetThreadContext
-