General

  • Target

    NEW-P&I_Circularpdf.exe

  • Size

    962KB

  • Sample

    210408-925d6dd59j

  • MD5

    182216a47605c50db6b8796adff4e3f9

  • SHA1

    06c36b24b2d877600500590d2b57f670d58773fc

  • SHA256

    408d0b8cf4df11f74ecd574dccdcc5bc7fdf483fce512401e0c767e801815357

  • SHA512

    654e99ee9ad6a52a87e03b1c13c1f44284f004713c42d9fb464f635dd6259682f6df0cc661a923c9cc9298c03137170342ed81e6f6dc4f79cc060e3589305acd

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    smtp
  • Host:
    mail.1300dentrepair.com.au
  • Port:
    587
  • Username:
    newadmin@1300dentrepair.com.au
  • Password:
    money123@@@

MITRE ATT&CK Matrix ATT&CK v6

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Discovery

System Information Discovery

1
T1082

Tasks