Pending Order Confirmation.gz.exe

General

Target: Pending Order Confirmation.gz.exe
Size: 669KB
Sample: 201126-m9qsh72d6n
Score: 10/10
MD5: fabea57872e14b1facc1f3ff573ae6b9
SHA1: d790a7ba0dbe886ca05580eb7f3bd47e7b5879ab
SHA256: ae6c488302c04f00a60835db6b955fb8e1eb42f0e73e71873f5b7dc630596755
SHA512: 7ff1e78602417a2f7b1ccc9e2025851827aef1735605377e48a13a9fc629dffed7cea4262335741a86b82609c7d1b5fdc8a45fd9d611bbdf4fcca0bed98b59b7

Malware Config

Extracted

Protocol: smtp
Host: smtp.shirdilog.com
Port: 587
Username: cs.maa@shirdilog.com
Password: SL094521
Targets

Target: Pending Order Confirmation.gz.exe

Tags

Related Tasks

MITRE ATT&CK Matrix

Tactics: Command and Control, Credential Access, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation