Static task
static1
Behavioral task
behavioral1
Sample
New PO.pdf..exe
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
New PO.pdf..exe
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
Target
New PO.pdf..rar
Size
87KB
MD5
3a7c1ed8b8db079e94e6ad0952878cd4
SHA1
d9beb5447553c4d55633201782e4723dc267cbc3
SHA256
9b449366cea4582b9fe4f1bfdf4e394c4ab3563d64b4c0ccf823874d3f781a60
SHA512
b13ce03db59eb16a2773440427cea481589c5263e4297fcd41c6d96d5f42dc388b8c6fe06350323a1662126b97b3512fa68353d8d803548f31730e7e70f1032c
Score
10/10
Malware Config
Extracted
Family
agenttesla
Credentials
Protocol: smtp
Host: mail.etc-ks.com
Port: 587
Username: etc.express1@etc-ks.com
Password: bEK2FBG#ds|K
Signatures
AgentTesla Payload (1 IoCs)
resource: static1/unpack001/New PO.pdf..exe
yara_rule: family_agenttesla
Agenttesla family
Files
New PO.pdf..rar (.rar)
New PO.pdf..exe (.exe, windows x86)