Overview

overview

10

Static

static

Payment _A...2).exe

windows7_x64

10

Payment _A...2).exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Payment _Advice (2).exe

  • Size

    804KB

  • Sample

    210408-bck4n26ba2

  • MD5

    8447c64196fb7ebc7e37e346c3398494

  • SHA1

    a30a0cf36a1bceb9bca69685a919bb9eb6adcb50

  • SHA256

    896a518b2db98d75130034be194d0c0295e00a5c310e068790599b69420b2f08

  • SHA512

    c3c509fd18e3cd4e7f5574d221c8afe20eaaa4dca9871cc58f7ebf6855469866319d1ef22df6ba5d9d7ee4c7c442c6235b2992f590e65aaed45d62996e1b0eb4

Score
10/10
agentteslakeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.yandex.ru
  • Port:
    587
  • Username:
    result.package@yandex.ru
  • Password:
    Blessing123

Targets

    • Target

      Payment _Advice (2).exe

    • Size

      804KB

    • MD5

      8447c64196fb7ebc7e37e346c3398494

    • SHA1

      a30a0cf36a1bceb9bca69685a919bb9eb6adcb50

    • SHA256

      896a518b2db98d75130034be194d0c0295e00a5c310e068790599b69420b2f08

    • SHA512

      c3c509fd18e3cd4e7f5574d221c8afe20eaaa4dca9871cc58f7ebf6855469866319d1ef22df6ba5d9d7ee4c7c442c6235b2992f590e65aaed45d62996e1b0eb4

    Score
    10/10
    agentteslakeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks