General

  • Target

    CT_7093164285.exe

  • Size

    852KB

  • Sample

    210408-gtbsjxwrbx

  • MD5

    4115754d5b0d6ab49aed7fdde034d04a

  • SHA1

    6eb5fbd8c35001249521652c36c0cb9feccddbbe

  • SHA256

    67e40f25962f1a77b84cc4a4b990bf99041924736e11b55e74edef29816ef3ec

  • SHA512

    27b8c0c266d8836499c3e1c4496569cd23364f925933708e1ced61ed682eae1733919c6e09e4e2f0dcd1e2d5bd76a8843f1b0b6b89a95ae779d04cfd1c00a012

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    smtp
  • Host:
    mail.chrismehat.com
  • Port:
    587
  • Username:
    market@chrismehat.com
  • Password:
    vStcCO~Cyox6

MITRE ATT&CK Matrix ATT&CK v6

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Discovery

System Information Discovery

1
T1082

Tasks