Static task: static1

Behavioral task: behavioral1
  Sample: payment details.pdf.exe
  Resource: win7v20201028 (windows7_x64)
  0 signatures, 0 seconds

Behavioral task: behavioral2
  Sample: payment details.pdf.exe
  Resource: win10v20201028 (windows10_x64)
  0 signatures, 0 seconds

General
  Target: payment details.pdf.rar
  Size: 87KB
  MD5: 9db67123d16bf7c82c6001fd376f3aea
  SHA1: f8b506939b8e0b2d46b140bbed63196b517e365f
  SHA256: b1ca17a4e37f32c6785c2c08ddbbf96e4d287eecfbe32eb544c82e2a5dbd4312
  SHA512: f90a3fcc2b7c76878a6a158dadaa0c17fbe92014685e9d057b2a8187c5789002e94380b348d5447feed350116b70d58fea6bdb90370bf654a2bd7f401842273a
  Score: 10/10

Malware Config (extracted)
  Family: agenttesla
  Credentials:
    Protocol: smtp
    Host: mail.etc-ks.com
    Port: 587
    Username: etc.express1@etc-ks.com
    Password: bEK2FBG#ds|K

Signatures
  AgentTesla Payload (1 IoCs)
    Processes:
      resource: static1/unpack001/payment details.pdf.exe
      yara_rule: family_agenttesla
  Agenttesla family

Files
  payment details.pdf.rar.rar
  payment details.pdf.exe.exe windows x86