General
-
Target
BANK DATAILS.exe
-
Size
825KB
-
Sample
220805-ng5awscbc2
-
MD5
9c8721d5f0dfcb5893766810fc016b1b
-
SHA1
097e2d6bd75f55fee4ba991696d15bbd0f73137f
-
SHA256
22083794e761ae3e2fb684244ddadba8353b0dc25549d9591dbbd118dde52054
-
SHA512
83e9bd28a1ff90448cd029742dcf3dfea760ed70112ab85e840c661c053d59531f521e3d09a49c545cc7dc26b7bfc76d106e0bb3692b88c64c4f03acbe6177fa
Static task
static1
Behavioral task
behavioral1
Sample
BANK DATAILS.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
BANK DATAILS.exe
Resource
win10v2004-20220721-en
Malware Config
Extracted
Protocol: smtp
Host: webmail.keeprojects.in
Port: 587
Username: quality@keeprojects.in
Password: quality#@!
Extracted
agenttesla
Protocol: smtp
Host: webmail.keeprojects.in
Port: 587
Username: quality@keeprojects.in
Password: quality#@!
Email To: uuc7470@gmail.com
Targets
-
Target
BANK DATAILS.exe
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-