Overview

overview

10

Static

static

SWIFT.exe

windows7_x64

10

SWIFT.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SWIFT.exe

  • Size

    527KB

  • Sample

    210408-7aylsyf7xa

  • MD5

    10147d04f23eb0e97f535f432988ee6f

  • SHA1

    3ed18b8b0238ae1d80b75b1622c1050fa3823870

  • SHA256

    a2d57fd326d83d00c7aa270df2145c200205a5e94637948db042a0ac20239389

  • SHA512

    b6e1f09b715cd6b4db9df25a2c0b6afcb8579219b2769fe86c2c97da9b57031c51f2eefd819912808475d1a20848d5c348f974e7233967a0371e18ea73204331

Score
10/10
agentteslakeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.yandex.ru
  • Port:
    587
  • Username:
    result.package@yandex.ru
  • Password:
    Blessing123

Targets

    • Target

      SWIFT.exe

    • Size

      527KB

    • MD5

      10147d04f23eb0e97f535f432988ee6f

    • SHA1

      3ed18b8b0238ae1d80b75b1622c1050fa3823870

    • SHA256

      a2d57fd326d83d00c7aa270df2145c200205a5e94637948db042a0ac20239389

    • SHA512

      b6e1f09b715cd6b4db9df25a2c0b6afcb8579219b2769fe86c2c97da9b57031c51f2eefd819912808475d1a20848d5c348f974e7233967a0371e18ea73204331

    Score
    10/10
    agentteslakeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks