General

  • Target

    PROFILE SULFERT 2021_pdf.rar

  • Size

    594KB

  • Sample

    210422-l96w1zbype

  • MD5

    eaab9ac59fb0a7631ed6260f0be91bdf

  • SHA1

    2ad16bf0927a78c9ae98c0cfbb80a43474ee62ad

  • SHA256

    f73fd03534d33ba3fae1a599de9cae587a34fe060457fdab954e79a0ab2f52ff

  • SHA512

    8ffe0269e05c54e798622776bcf35a11020832804fbaf3d98c3c85f006423f6a244bf52b6bb206e7683b7c0732cc551b7e650560e63ef4685603d7c327bf4a38

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    smtp
  • Host:
    mail.ilkimegitim.com
  • Port:
    587
  • Username:
    savas@ilkimegitim.com
  • Password:
    Savas581

Targets

    • Target

      PROFILE SULFERT 2021_pdf.exe

    • Size

      919KB

    • MD5

      091ea9575d227e96f6d5ed5765c1c91c

    • SHA1

      414065616351035e663b101a0549d74bab83eff3

    • SHA256

      f3b2b42ef8cec0923c1775d70e26d43577f386e0080b5e3215f608dd33e75313

    • SHA512

      d6629254b26d6d53688580c8102eeddc23abc71d834519f068d19641a81e8e582204dc308d3defb38eeed132a9026187df6a3330782c7353ba9f0332f73953e6

MITRE ATT&CK Matrix (ATT&CK v6)

  • Execution:
    Scheduled Task, 1, T1053
  • Persistence:
    Scheduled Task, 1, T1053
  • Privilege Escalation:
    Scheduled Task, 1, T1053
  • Discovery:
    System Information Discovery, 1, T1082

Tasks