2021-08-05 Agent Tesla 2 IOCs

1. THREAT IDENTIFICATION: AGENT TESLA
2.  
3. SUBJECTS OBSERVED
4. PO# NS504586-D
5.  
6. SENDERS OBSERVED
7. [email protected]
8.  
9. MALDOC FILE HASHES
10. NS504586.rar
11. 455f145b686e3e6ca405595e911732a8
12.  
13. AGENT TESLA PAYLOAD FILE HASHES
14. NS504586.exe
15. b45af164c33784cfd1968a9784ad574b
16.  
17. Renamed to:
18.  
19. daGruN.exe
20. b45af164c33784cfd1968a9784ad574b
21.  
22. AGENT TESLA ESMTP DESTINATION
23. p3plsmtpa07-03.prod.phx3.secureserver.net
24. 217.138.213.237
25.  
26. EXFILTRATION INFORMATION
27. Sender: [email protected]
28. To: [email protected]
29.  
30.  
31.