General
-
Target
5cc3602f45772a86c0548e965ce7e57809e2e00ac5f5f100006da37bb79c77cb
-
Size
779KB
-
Sample
220805-lmma6ahha6
-
MD5
ba7863b67930a109864139efe3da478e
-
SHA1
0a90df33ba078ba54576906d6072a11b8dca5356
-
SHA256
5cc3602f45772a86c0548e965ce7e57809e2e00ac5f5f100006da37bb79c77cb
-
SHA512
3cabfffd95d1151b04240caa2bf200c9a53cc3899f85927e3259f53805e2544dcdc4249b855bc4ffb245c1131d30ea48be52392928623ec1d0d4bb654212cc63
Static task
static1
Behavioral task
behavioral1
Sample
5cc3602f45772a86c0548e965ce7e57809e2e00ac5f5f100006da37bb79c77cb.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
5cc3602f45772a86c0548e965ce7e57809e2e00ac5f5f100006da37bb79c77cb.exe
Resource
win10v2004-20220721-en
Malware Config
Extracted
Protocol: smtp
Host: us2.smtp.mailhostbox.com
Port: 587
Username: info@szlikestechs.com
Password: 0
Extracted
agenttesla
Protocol: smtp
Host: us2.smtp.mailhostbox.com
Port: 587
Username: info@szlikestechs.com
Password: Logistics@1234
Targets
Target
5cc3602f45772a86c0548e965ce7e57809e2e00ac5f5f100006da37bb79c77cb
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-