Mirror of https://github.com/avast/ioc, synced 2024-06-16 11:58:39 +00:00
IoC from Operation Dragon Castling
Malware analysis and more technical information at https://decoded.avast.io/pavelnovak/agenttesla-is-threatening-businesses-around-the-world-with-a-new-campaign/
Samples (SHA-256)
ISO Attachment
83fe51953a0fe44389e197244faf90afe8ee80101dc33cb294cf6ef710e5aaba
AgentTesla Downloader Script
76f707afa3d4b2678aa5af270ea9325de6f8fdc4badf7249418e785438f1b8da
AgentTesla Injector
eb455ffb1595d1a06fc850ebc49b270ae84dd609e7b52144a60bb45cf4c4eb0e
Network indicators
FTP Exfiltration Server
ftp.akmokykla.lt
AgentTesla Download Servers
assltextile.com/Su34M.jpg
consult-mob.ro/M777.jpg
handcosalon.com/Su57.jpg