General

  • Target: po.exe
  • Size: 898KB
  • Sample: 210511-ta7htac4ka
  • MD5: 83f6e4e71f9a6638f9caedb14934e3e6
  • SHA1: f7b05b5d187510060c810229155f290393fc3482
  • SHA256: 94c45cc52e1fdbdf80a9d376ddbbd316a81d58acc1fa677a09b755e4cff17182
  • SHA512: 134cfbb2aac318fde0323702cabc3270221b7870678e1f08a82513151c5fb0a984680cbc755f190c862385a25f4fbb1cfb4c9401ac344b4074e1429fe15145d2

Malware Config

Extracted

  • Family: agenttesla
  • Credentials (the exfiltration mailbox hard-coded in the sample; AgentTesla mails stolen data to this account, so these are the operator's credentials, not a victim's)
      • Protocol: smtp
      • Host: business77.web-hosting.com
      • Port: 587
      • Username: basari@makefoods-international.com
      • Password: london1759
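The hashes in General and the SMTP exfiltration account above are the indicators a responder would actually hunt with. The following is an added example, not part of the sandbox report or the tria.ge tooling: it checks a file's digests against the report (per algorithm, so a single mismatching value is visible), and it scans log lines for the exfiltration host, correlating a DNS lookup of that host with a later connection to port 587 from the same machine so that ordinary mail-submission traffic is not flagged on its own. The log format, the host names WS01/WS02 and the destination IPs (documentation ranges) are constructed for the example; the report gives no resolved IP for the host.

```python
import hashlib
import re

# Indicators copied from the report above.
SAMPLE_HASHES = {
    "md5": "83f6e4e71f9a6638f9caedb14934e3e6",
    "sha1": "f7b05b5d187510060c810229155f290393fc3482",
    "sha256": "94c45cc52e1fdbdf80a9d376ddbbd316a81d58acc1fa677a09b755e4cff17182",
    "sha512": "134cfbb2aac318fde0323702cabc3270221b7870678e1f08a82513151c5fb0a984680cbc755f190c862385a25f4fbb1cfb4c9401ac344b4074e1429fe15145d2",
}
EXFIL_HOST = "business77.web-hosting.com"
EXFIL_PORT = "587"
EXFIL_USER = "basari@makefoods-international.com"


def hash_bytes(data):
    """Digest an in-memory blob with every algorithm the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in SAMPLE_HASHES}


def hash_file(path, chunk=1 << 20):
    """Same as hash_bytes, but streamed so large files are not read into memory."""
    hashers = {algo: hashlib.new(algo) for algo in SAMPLE_HASHES}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def matches_sample(data):
    """Per-algorithm comparison; a partial match points at a typo in the IOC list or a collision."""
    computed = hash_bytes(data)
    return {algo: computed[algo] == expected for algo, expected in SAMPLE_HASHES.items()}


# Constructed key=value log lines (not from the report), sorted by time.
# WS02 talks to port 587 without ever resolving the exfil host: legitimate mail, not flagged.
SAMPLE_LOGS = [
    "2021-05-11T10:22:01Z type=dns host=WS01 qname=business77.web-hosting.com",
    "2021-05-11T10:22:02Z type=conn host=WS01 proto=tcp dst=198.51.100.7 dport=587 bytes_out=4096",
    "2021-05-11T10:22:03Z type=conn host=WS02 proto=tcp dst=203.0.113.9 dport=587 bytes_out=2048",
    "2021-05-11T10:22:04Z type=conn host=WS01 proto=tcp dst=192.0.2.44 dport=443 bytes_out=512",
    "2021-05-11T10:22:05Z type=smtp host=WS01 dst=198.51.100.7 dport=587 auth_user=basari@makefoods-international.com",
]

KV_RE = re.compile(r"(\w+)=(\S+)")


def scan_logs(lines):
    """Return [(reasons, line)] for lines tied to the AgentTesla exfil channel."""
    findings = []
    resolved_exfil = set()  # machines that looked up the exfil host earlier in the stream
    for line in lines:
        f = dict(KV_RE.findall(line))
        host = f.get("host", "")
        reasons = []
        if f.get("qname", "").lower().rstrip(".") == EXFIL_HOST:
            reasons.append("dns-query-exfil-host")
            resolved_exfil.add(host)
        if f.get("dport") == EXFIL_PORT and host in resolved_exfil:
            reasons.append("smtp-submission-after-exfil-dns")
        if f.get("auth_user", "").lower() == EXFIL_USER:
            reasons.append("smtp-auth-exfil-credential")
        if reasons:
            findings.append((reasons, line))
    return findings


if __name__ == "__main__":
    for reasons, line in scan_logs(SAMPLE_LOGS):
        print(", ".join(reasons), "<-", line)
```

Port 587 is the mail-submission port and is normally upgraded to TLS with STARTTLS, so the AUTH username is only visible where TLS is terminated or inspected; the DNS name of the exfil host and the file hashes are the indicators that survive without that.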

Targets

    • Target: po.exe
    • Size: 898KB
    • MD5: 83f6e4e71f9a6638f9caedb14934e3e6
    • SHA1: f7b05b5d187510060c810229155f290393fc3482
    • SHA256: 94c45cc52e1fdbdf80a9d376ddbbd316a81d58acc1fa677a09b755e4cff17182
    • SHA512: 134cfbb2aac318fde0323702cabc3270221b7870678e1f08a82513151c5fb0a984680cbc755f190c862385a25f4fbb1cfb4c9401ac344b4074e1429fe15145d2

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic                Technique                            ID      Count
  Execution             Scheduled Task                       T1053   1
  Persistence           Registry Run Keys / Startup Folder   T1060   1
  Persistence           Scheduled Task                       T1053   1
  Privilege Escalation  Scheduled Task                       T1053   1
  Defense Evasion       Modify Registry                      T1112   1
  Discovery             System Information Discovery         T1082   1

The IDs follow ATT&CK v6, which this report was generated against. In current ATT&CK releases T1060 has been folded into T1547.001 (Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder) and the Windows scheduled-task behaviour is the sub-technique T1053.005, so map the IDs before comparing with newer reports or detection content. Scheduled Task appears under three tactics because the same technique serves execution, persistence and privilege escalation; the matrix records one observation, not three.
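The matrix names the behaviours but not the events behind them. As an added example that is not part of the report, the following maps Sysmon-style events (EventID 1 process creation, EventID 13 registry value set) onto the v6 technique IDs above, and separately flags the high-confidence case of a Run key whose value points into a user-writable directory. The sample events are constructed for illustration: the user profile path, SID, Run value name, schtasks arguments and the Explorer "Hidden" value are hypothetical and are not observations from this sandbox run.

```python
import re
from collections import Counter

# Registry paths of interest (matched case-insensitively against Sysmon TargetObject).
RUN_KEY_RE = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\", re.I)
# A few well-known values malware sets to hide itself; a real T1112 rule would carry a longer list.
EVASION_KEY_RE = re.compile(
    r"\\(Explorer\\Advanced\\(Hidden|ShowSuperHidden|HideFileExt)"
    r"|Policies\\System\\(DisableTaskMgr|DisableRegistryTools))$", re.I)
# Directories an unprivileged user can write to; an autostart entry there is rarely legitimate.
USER_WRITABLE_RE = re.compile(r"\\(AppData|Temp|ProgramData|Users\\Public)\\", re.I)
# key=value fields, values optionally double-quoted (Sysmon CommandLine contains spaces).
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

# Constructed events (hypothetical paths and names, not from the sandbox run).
SAMPLE_EVENTS = [
    r'EventID=13 Image=C:\Users\u\AppData\Roaming\po.exe TargetObject=HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\po Details="C:\Users\u\AppData\Roaming\po.exe"',
    r'EventID=1 Image=C:\Windows\System32\schtasks.exe CommandLine="schtasks /create /sc minute /mo 1 /tn po /tr C:\Users\u\AppData\Roaming\po.exe"',
    r'EventID=13 Image=C:\Users\u\AppData\Roaming\po.exe TargetObject=HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden Details="DWORD (0x00000002)"',
    r'EventID=1 Image=C:\Windows\System32\systeminfo.exe CommandLine=systeminfo',
    r'EventID=1 Image=C:\Windows\System32\notepad.exe CommandLine=notepad.exe',
]


def parse_event(line):
    """Turn one key=value line into a dict, stripping the quotes around quoted values."""
    return {k: v.strip('"') for k, v in KV_RE.findall(line)}


def classify(event):
    """Return the ATT&CK v6 technique IDs a single event supports (empty list if none)."""
    ids = []
    eid = event.get("EventID")
    image = event.get("Image", "").lower()
    cmd = event.get("CommandLine", "").lower()
    target = event.get("TargetObject", "")
    if eid == "13":
        if RUN_KEY_RE.search(target):
            ids.append("T1060")  # Registry Run Keys / Startup Folder
        elif EVASION_KEY_RE.search(target):
            ids.append("T1112")  # Modify Registry (known hide-from-user values)
    elif eid == "1":
        if image.endswith("\\schtasks.exe") and "/create" in cmd:
            ids.append("T1053")  # Scheduled Task created from the command line
        elif image.endswith("\\systeminfo.exe"):
            ids.append("T1082")  # System Information Discovery
    return ids


def autostart_from_user_dir(event):
    """True for the high-confidence T1060 variant: Run value points at a user-writable path."""
    return (event.get("EventID") == "13"
            and bool(RUN_KEY_RE.search(event.get("TargetObject", "")))
            and bool(USER_WRITABLE_RE.search(event.get("Details", ""))))


def summarize(lines):
    """Technique ID -> number of supporting events, the same shape as the matrix above."""
    counts = Counter()
    for line in lines:
        counts.update(classify(parse_event(line)))
    return dict(counts)


if __name__ == "__main__":
    for line in SAMPLE_EVENTS:
        ev = parse_event(line)
        print(classify(ev), "user-dir autostart" if autostart_from_user_dir(ev) else "", ev.get("Image"))
    print(summarize(SAMPLE_EVENTS))
```

On a real host, Sysmon must be configured to log EventID 13 for the Run and RunOnce keys at all (the default configuration does not), and a registry-set event for a Run key followed within seconds by a schtasks /create from the same parent process is the pairing worth alerting on, since either alone is common in benign software installs.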

Tasks