Overview

overview

10

Static

static

Proforma Invoice.exe

windows7_x64

10

Proforma Invoice.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Proforma Invoice.ace

  • Size

    99KB

  • Sample

    211019-gd2x2agbem

  • MD5

    d8afbff215891c72d49214bfa4a5a695

  • SHA1

    45751324160fd684fa7a33b1de4843e5fa3f3fde

  • SHA256

    3d7ba712d681648722d40aad81ea8382ca17d1835a7be6c9d92789e682f2a931

  • SHA512

    5df49b0faaca37bbca728f2738cb081f9ed2fce505a35887eafdc5e08217353c18229b284449243dbcb381e06286881e97653e6c8e807e03ead77213c549c8d1

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    mail.croatiahunt.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    VilaVrgade852

Targets

    • Target

      Proforma Invoice.exe

    • Size

      129KB

    • MD5

      2abee0c90bce9307bd28b1f1607cbba4

    • SHA1

      bfb2912a7caeb1b73aca9847c6f05cfebebf54d9

    • SHA256

      21ac46250f6363cb7e193af0920eadc44d4ddeac442022510b8eaa11b3249d48

    • SHA512

      e4a0bd8d9205b5e5756169473cba75ad6341d2075be46f3850ea0dcf3324ea126123e278e63bcda93f57b311d4717960b0c28a7381930a5a6f081e9ed0283a43

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks