Request For Quotation_pdf.scr

General

Target: Request For Quotation_pdf.scr
Size: 1MB
Sample: 210113-3rtbn7h6fs
Score: 10/10
MD5: a9125d57b0d4162e7da34d6b8c10836f
SHA1: 56bcb534abe3e5111b07b4f502b647fb5584b905
SHA256: 4f84f23b927e4a2f6f64d0c824777c1e0edb05f8f83a662ef59617793582cfb6
SHA512: 430731a8792d27fac18be517bb200a514cc8b7d72e90d0bdfcd630ba85600c46633f13b3499eea0993573122c07dd5015fc2318b7e13dbed9495222822d6930d

Targets
Target: Request For Quotation_pdf.scr

Signatures

  • AgentTesla

    Description: Agent Tesla is a remote access tool (RAT) written in Visual Basic.

  • Reads data files stored by FTP clients

    Description: Tries to access configuration files associated with programs like FileZilla.

    TTPs: Data from Local System, Credentials in Files

  • Reads user/profile data of local email clients

    Description: Email clients store some user data on disk, where infostealers often target it.

    TTPs: Data from Local System, Credentials in Files

  • Reads user/profile data of web browsers

    Description: Infostealers often target stored browser data, which can include saved credentials, etc.

    TTPs: Data from Local System, Credentials in Files

MITRE ATT&CK Matrix

Tactic columns: Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation