Mirrors
/
ioc-collection
mirror of https://github.com/avast/ioc
6
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
ioc-collection/AgentTeslaISOCampaign
History
Pavel Novák 8fb4e0077e IoCs for Agent Tesla ISO Email campaign 2022-08-24 13:20:01 +02:00
..
README.md IoCs for Agent Tesla ISO Email campaign 2022-08-24 13:20:01 +02:00
network.txt IoCs for Agent Tesla ISO Email campaign 2022-08-24 13:20:01 +02:00
samples.md5 IoCs for Agent Tesla ISO Email campaign 2022-08-24 13:20:01 +02:00
samples.sha1 IoCs for Agent Tesla ISO Email campaign 2022-08-24 13:20:01 +02:00
samples.sha256 IoCs for Agent Tesla ISO Email campaign 2022-08-24 13:20:01 +02:00

README.md

IoC from Operation Dragon Castling

Malware analysis and more technical information at https://decoded.avast.io/pavelnovak/agenttesla-is-threatening-businesses-around-the-world-with-a-new-campaign/

Table of Contents

Samples (SHA-256)

ISO Attachment
83fe51953a0fe44389e197244faf90afe8ee80101dc33cb294cf6ef710e5aaba

AgentTesla Downloader Script
76f707afa3d4b2678aa5af270ea9325de6f8fdc4badf7249418e785438f1b8da

AgentTesla Injector
eb455ffb1595d1a06fc850ebc49b270ae84dd609e7b52144a60bb45cf4c4eb0e

Network indicators

FTP Exfiltration Server
ftp.akmokykla.lt

AgentTesla Download Servers
assltextile.com/Su34M.jpg
consult-mob.ro/M777.jpg
handcosalon.com/Su57.jpg