General
-
Target
7289da5a1cc6d7149e862660a7f3f48db0ef1f6f8e5de991501e72bde1192be9.exe
-
Size
685KB
-
Sample
240630-bm7lzs1epf
-
MD5
786b7016ffc2a7f04d0a83e3666b8ed6
-
SHA1
0b35d8f3a846fc6a4200bcfec56d71222c9699d8
-
SHA256
7289da5a1cc6d7149e862660a7f3f48db0ef1f6f8e5de991501e72bde1192be9
-
SHA512
4f1c05783e517180785898cdd3d2bc4516461b75818126bf6f39eb676fd99c34f1d066fab03bfb1e8594326b9923aa51c2bf7437980b8c6ab9cccf198e92287b
-
SSDEEP
12288:xim28pNZ6yAI1lbCawCsPp9kLKgbgigZhNkgT4f0wYNkEP2lWnLSp8RvZUj9zNiL:ogpN5JwzPkKNHnKtKkEO4WpAvybCb
Static task
static1
Behavioral task
behavioral1
Sample
7289da5a1cc6d7149e862660a7f3f48db0ef1f6f8e5de991501e72bde1192be9.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
7289da5a1cc6d7149e862660a7f3f48db0ef1f6f8e5de991501e72bde1192be9.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
srv.masternic.net - Port:
587 - Username:
[email protected] - Password:
-H{2Szxi!%qb - Email To:
[email protected]
Targets
-
-
Target
7289da5a1cc6d7149e862660a7f3f48db0ef1f6f8e5de991501e72bde1192be9.exe
-
Size
685KB
-
MD5
786b7016ffc2a7f04d0a83e3666b8ed6
-
SHA1
0b35d8f3a846fc6a4200bcfec56d71222c9699d8
-
SHA256
7289da5a1cc6d7149e862660a7f3f48db0ef1f6f8e5de991501e72bde1192be9
-
SHA512
4f1c05783e517180785898cdd3d2bc4516461b75818126bf6f39eb676fd99c34f1d066fab03bfb1e8594326b9923aa51c2bf7437980b8c6ab9cccf198e92287b
-
SSDEEP
12288:xim28pNZ6yAI1lbCawCsPp9kLKgbgigZhNkgT4f0wYNkEP2lWnLSp8RvZUj9zNiL:ogpN5JwzPkKNHnKtKkEO4WpAvybCb
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-