ExecuteMalware

2021-02-10 Agent Tesla IOCs

Feb 10th, 2021
THREAT ATTRIBUTION: AGENT TESLA

SUBJECTS OBSERVED
INQ#6142

SENDERS OBSERVED
s.torniell@euroclone.it

MALDOC FILE HASHES
INQ#6142.xlsx
2509ee9a83185ce3ebdf14320c600860

AGENT TESLA PAYLOAD URLS
http://198.46.201.76/amina.exe

AGENT TESLA PAYLOAD FILE HASHES
amina.exe
75fbc199b4d1302a8c1c2e9c1de89b38

Renames it to:
vbc.exe
75fbc199b4d1302a8c1c2e9c1de89b38

AGENT TESLA ESMTP DESTINATION
77.88.21.158:587
smtp.yandex.ru

SUPPORTING EVIDENCE
https://urlhaus.abuse.ch/url/999477/
https://app.any.run/tasks/45651804-b4bf-4426-9ea2-bd80008132e5/