General
-
Target
664c0c690a791c1a863702884b3b3bd0aead7fabbd3ff6e46cff58f53c1cd3ff.exe
-
Size
1.0MB
-
Sample
240705-br6v9a1fjc
-
MD5
6c10bc159358093f6e827b170bcddeda
-
SHA1
1e9109ffb469e5c1fa2535c74f50c6afb7f99d66
-
SHA256
664c0c690a791c1a863702884b3b3bd0aead7fabbd3ff6e46cff58f53c1cd3ff
-
SHA512
d2f781e2152b341e086573007cd06b18142be352a8470749526ec6c50da615989eef6c1313ff10b01d5f46a7c5691377f81cbd5d91ae0361f3a7a010c3c71b4d
-
SSDEEP
24576:kAHnh+eWsN3skA4RV1Hom2KXMmHaswyH8aNpmq5:zh+ZkldoPK8YasbNz
Static task
static1
Behavioral task
behavioral1
Sample
664c0c690a791c1a863702884b3b3bd0aead7fabbd3ff6e46cff58f53c1cd3ff.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
664c0c690a791c1a863702884b3b3bd0aead7fabbd3ff6e46cff58f53c1cd3ff.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.pgsu.co.id - Port:
587 - Username:
[email protected] - Password:
Vecls16@Vezs - Email To:
[email protected]
Targets
-
-
Target
664c0c690a791c1a863702884b3b3bd0aead7fabbd3ff6e46cff58f53c1cd3ff.exe
-
Size
1.0MB
-
MD5
6c10bc159358093f6e827b170bcddeda
-
SHA1
1e9109ffb469e5c1fa2535c74f50c6afb7f99d66
-
SHA256
664c0c690a791c1a863702884b3b3bd0aead7fabbd3ff6e46cff58f53c1cd3ff
-
SHA512
d2f781e2152b341e086573007cd06b18142be352a8470749526ec6c50da615989eef6c1313ff10b01d5f46a7c5691377f81cbd5d91ae0361f3a7a010c3c71b4d
-
SSDEEP
24576:kAHnh+eWsN3skA4RV1Hom2KXMmHaswyH8aNpmq5:zh+ZkldoPK8YasbNz
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-