Overview

overview

10

Static

static

PO-no 74GW0942.exe

windows7_x64

10

PO-no 74GW0942.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PO-no 74GW0942.exe

  • Size

    837KB

  • Sample

    210420-a4v6adgqw6

  • MD5

    4cde3609b918d4ef83a1f50dd0e6bc8e

  • SHA1

    69878bfdfe1b730f802bfa6ad515efdef96aa43f

  • SHA256

    5c4676ef5bd6f6d10826944d9e51efadb58fbbb936ff5f10d7aa91235c35946d

  • SHA512

    7def65260ab6f04c0b4e3af4754e54d28bd6a289152692f047915b2cc9fb5f799ae47a605efe401f1e606b0c7f787be13b68ac1ec67ba88539a12d041c6d8f5f

Score
10/10
agentteslakeyloggerpersistencespywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    us2.smtp.mailhostbox.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    project2021blessinggoodgood2+me

Targets

    • Target

      PO-no 74GW0942.exe

    • Size

      837KB

    • MD5

      4cde3609b918d4ef83a1f50dd0e6bc8e

    • SHA1

      69878bfdfe1b730f802bfa6ad515efdef96aa43f

    • SHA256

      5c4676ef5bd6f6d10826944d9e51efadb58fbbb936ff5f10d7aa91235c35946d

    • SHA512

      7def65260ab6f04c0b4e3af4754e54d28bd6a289152692f047915b2cc9fb5f799ae47a605efe401f1e606b0c7f787be13b68ac1ec67ba88539a12d041c6d8f5f

    Score
    10/10
    agentteslakeyloggerpersistencespywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks