General
Target: 3254ae956ab9ef803ee179eabbf970d0cf6c988f335e346084db2f628003f94d
Size: 1.1MB
Sample: 240630-bc6xpsvbml
MD5: b64da7805a3b0da3d150990e172e1579
SHA1: cc423a78601cbf32e21754f1bd5f7890c338975e
SHA256: 3254ae956ab9ef803ee179eabbf970d0cf6c988f335e346084db2f628003f94d
SHA512: 7826eb4eef7c40395340236e707929993fe55cb82b658e5eb271bd526713bc55396d150c21a78a9e16186d7fcef69f653ebe532e8a65970006328cab86d1df73
SSDEEP: 24576:qAHnh+eWsN3skA4RV1Hom2KXMmHadPJ+YQ5Irkg8HgM5:9h+ZkldoPK8YadVQurb8Hn
Static task: static1
Behavioral task: behavioral1
Sample: 3254ae956ab9ef803ee179eabbf970d0cf6c988f335e346084db2f628003f94d.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 3254ae956ab9ef803ee179eabbf970d0cf6c988f335e346084db2f628003f94d.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: cp8nl.hyperhost.ua
Port: 587
Username: [email protected]
Password: cy+G_(979n9N
Email To: [email protected]
Targets
Target: 3254ae956ab9ef803ee179eabbf970d0cf6c988f335e346084db2f628003f94d
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Suspicious use of SetThreadContext