General

  • Target: Order.exe
  • Size: 698KB
  • Sample: 210505-del2s736ax
  • MD5: 59aec19eabb5c948f48f949405bf4c66
  • SHA1: 86b55319d7d08bfaedeaec425a809d03b2f40079
  • SHA256: ebf9b72c2f7cf094032172e2f318cd41f385e4bb46cb123b3e3138561f8b20a3
  • SHA512: 74ff7b142d6c27cd534e03364323184ad1097d398fe0f237a945d534db0b7b3dc53db9cf3b97e47d675c0c8430ba0bb66ed10866afdd80e9d51cfd1c34c71856

Malware Config

Extracted

  • Family: agenttesla

Credentials

  • Protocol: smtp
  • Host: smtp.vivaldi.net
  • Port: 587
  • Username: smithcargo22@vivaldi.net
  • Password: invoice12345

Targets

MITRE ATT&CK Matrix ATT&CK v6

  Tactic                Technique                            #  ID
  Execution             Scheduled Task                       1  T1053
  Persistence           Registry Run Keys / Startup Folder   1  T1060
  Persistence           Scheduled Task                       1  T1053
  Privilege Escalation  Scheduled Task                       1  T1053
  Defense Evasion       Modify Registry                      1  T1112
  Discovery             System Information Discovery         1  T1082

Tasks