Overview

overview

10

Static

static

PO-16032021,PDF.exe

windows7_x64

10

PO-16032021,PDF.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PO-16032021,PDF.exe

  • Size

    1.1MB

  • Sample

    210421-jf2ny5ed8j

  • MD5

    d7e49ef3a90bdeb44d7b5bb85bebbc1b

  • SHA1

    52404f0c92b94bf6ce07905592dcf614013bf08c

  • SHA256

    e01b10b57d317655cde32a37805d387131b27c88557241e0cee953e2419af93a

  • SHA512

    53d8decdcec050da5adca3b16becaffc8bc1955640c55570a98a66e1913d50f1e36d9c0b49231386a0ed04439004b18b0b9b66f1b6c4d101a9c6e767fc8ccf89

Score
10/10
agentteslakeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.biolegends.net
  • Port:
    587
  • Username:
    intlcs@biolegends.net
  • Password:
    dFKf#W)7

Targets

    • Target

      PO-16032021,PDF.exe

    • Size

      1.1MB

    • MD5

      d7e49ef3a90bdeb44d7b5bb85bebbc1b

    • SHA1

      52404f0c92b94bf6ce07905592dcf614013bf08c

    • SHA256

      e01b10b57d317655cde32a37805d387131b27c88557241e0cee953e2419af93a

    • SHA512

      53d8decdcec050da5adca3b16becaffc8bc1955640c55570a98a66e1913d50f1e36d9c0b49231386a0ed04439004b18b0b9b66f1b6c4d101a9c6e767fc8ccf89

    Score
    10/10
    agentteslakeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks