General

  • Target

    invoice.exe

  • Size

    465KB

  • Sample

    211020-m97q2sghg5

  • MD5

    94e2058fe9f2c02836c827fbb0e06ef7

  • SHA1

    06cf03bd37a5d1c2c36bb50d3298872a63e701e0

  • SHA256

    4e5ce14b2cd597bd70f739be171599d4af7f1f7108931ff38958166bd6642023

  • SHA512

    904f9f394346b3df1db68dd3b4ee0ad373e6d35098d9659b49bd3f4974c2ac365a3186924114ead255da9e8dff05ec14de7a1685326be5a2526e3300c805e597

Malware Config

Extracted

  • Family

    agenttesla

  • Credentials

    Protocol: smtp
    Host: mail.maxsweater.com
    Port: 587
    Username: sohel@maxsweater.com
    Password: max1234
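The credentials extracted above are the operator's SMTP drop box: Agent Tesla sends what it harvests to that mailbox, so the host and account are indicators to block and hunt for, never something to authenticate against. The following is an added example, not part of the sandbox report, that turns the extracted config and the sample hashes into indicators and matches them against file contents and against connection-log lines. The log layout (`ts src -> host:port proto`) and the log records themselves are constructed for the example; nothing in the report shows them.

```python
"""Added example, not part of the sandbox report: build indicators from the
extracted Agent Tesla config and the sample hashes above, then match them
against file contents and against constructed connection-log lines. The
log format (ts src -> host:port proto) is a hypothetical export."""
import hashlib
import re

# Digest values copied from the report above.
SAMPLE_HASHES = {
    "md5": "94e2058fe9f2c02836c827fbb0e06ef7",
    "sha1": "06cf03bd37a5d1c2c36bb50d3298872a63e701e0",
    "sha256": "4e5ce14b2cd597bd70f739be171599d4af7f1f7108931ff38958166bd6642023",
    "sha512": "904f9f394346b3df1db68dd3b4ee0ad373e6d35098d9659b49bd3f4974c2ac365a3186924114ead255da9e8dff05ec14de7a1685326be5a2526e3300c805e597",
}
# The SMTP account is the operator's drop box for stolen data: block and hunt
# for it, never authenticate to it.
EXFIL_HOST = "mail.maxsweater.com"
EXFIL_PORT = 587


def digest_all(data: bytes) -> dict:
    """Compute every digest the report lists, keyed by algorithm name."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def matching_digests(data: bytes) -> list:
    """Names of the digests of `data` that equal the report's values."""
    return [n for n, h in digest_all(data).items() if h == SAMPLE_HASHES[n]]


def is_known_sample(data: bytes) -> bool:
    """Treat only a SHA-256 or SHA-512 match as identification; MD5 and SHA-1
    are collision-prone and serve as a lookup key, not as proof."""
    return bool({"sha256", "sha512"} & set(matching_digests(data)))


# Hypothetical connection-log layout: "<ts> <src> -> <host>:<port> <proto>".
CONN_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+->\s+(?P<host>[^:\s]+):(?P<port>\d+)\s+(?P<proto>\S+)"
)


def find_exfil_connections(lines):
    """Return (ts, src, port, port_matches_config) for each record whose
    destination is the extracted SMTP host, on any port: the host is the
    indicator, the port is detail an operator can change between builds."""
    hits = []
    for line in lines:
        m = CONN_RE.match(line)
        if not m:
            continue  # unparseable record; skip rather than crash the sweep
        if m["host"].lower() != EXFIL_HOST:
            continue
        port = int(m["port"])
        hits.append((m["ts"], m["src"], port, port == EXFIL_PORT))
    return hits


# Constructed connection records for demonstration; not from the report.
SAMPLE_CONN_LOG = [
    "2021-10-20T12:01:05Z 10.0.0.15:49812 -> update.example-vendor.test:443 tcp",
    "2021-10-20T12:01:09Z 10.0.0.15:49815 -> mail.maxsweater.com:587 tcp",
    "2021-10-20T12:02:41Z 10.0.0.22:51004 -> MAIL.maxsweater.com:25 tcp",
    "malformed line that the parser must skip",
]

if __name__ == "__main__":
    for hit in find_exfil_connections(SAMPLE_CONN_LOG):
        print("exfil host contacted:", hit)
    print("empty input is the sample?", is_known_sample(b""))
```

The host match is deliberately case-insensitive and port-agnostic: a rebuilt sample can move to port 25 or 465 while keeping the same mailbox, and the second constructed hit shows the port mismatch being reported rather than silently dropped.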

Targets

    • Target

      invoice.exe

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence

    Registry Run Keys / Startup Folder (T1060), 1 signature

  • Defense Evasion

    Modify Registry (T1112), 1 signature

  • Collection

    Email Collection (T1114), 1 signature
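The matrix records that the sample set a Run-key autostart (T1060) but not which value it wrote, so the paths in the following added example are invented. The example is not part of the report: it is a minimal detection for Run-key persistence over Sysmon-style Event ID 13 (RegistryEvent, value set) records, rendered here in a simplified `Name="value"` layout that is an assumption for the example (real Sysmon events are XML). The T1112 signature is not reproduced because the report gives no detail about the key involved.

```python
"""Added example, not from the sandbox report: detect Run-key persistence
(T1060) over constructed Sysmon-style Event ID 13 records. The key="value"
record layout is an assumption; real Sysmon events are XML. The registry
paths and SID below are invented for demonstration."""
import re
from dataclasses import dataclass

# Autostart locations under HKLM or under a user hive.
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\(Run|RunOnce)\\", re.IGNORECASE)
# Locations an unprivileged process can write to; an autostart entry pointing
# here is far more suspicious than one under Program Files.
USER_WRITABLE_RE = re.compile(r"\\(AppData|Temp|Users\\Public)\\", re.IGNORECASE)


@dataclass
class Finding:
    technique: str
    severity: str
    image: str
    target: str
    details: str


def parse_record(line: str) -> dict:
    """Parse 'Name="value" Name2="value2"' into a dict (assumed layout)."""
    return {m.group(1): m.group(2) for m in re.finditer(r'(\w+)="([^"]*)"', line)}


def classify(rec: dict):
    """Return a Finding for a Run/RunOnce value write, else None.
    Severity is high when the written value or the writing process lives in a
    user-writable path, low for an autostart entry under a system location."""
    if rec.get("EventID") != "13":
        return None  # only value-set events carry the autostart target
    target = rec.get("TargetObject", "")
    if not RUN_KEY_RE.search(target):
        return None
    image = rec.get("Image", "")
    details = rec.get("Details", "")
    suspicious = bool(USER_WRITABLE_RE.search(details) or USER_WRITABLE_RE.search(image))
    return Finding("T1060", "high" if suspicious else "low", image, target, details)


def detect_run_key_persistence(lines):
    """Run classify() over raw records and collect the findings."""
    findings = []
    for line in lines:
        finding = classify(parse_record(line))
        if finding:
            findings.append(finding)
    return findings


# Constructed records for demonstration; not taken from the report.
SAMPLE_EVENTS = [
    r'EventID="13" Image="C:\Users\alice\AppData\Roaming\invoice.exe" TargetObject="HKU\S-1-5-21-1004336348-1177238915-682003330-1001\Software\Microsoft\Windows\CurrentVersion\Run\invoice" Details="C:\Users\alice\AppData\Roaming\invoice.exe"',
    r'EventID="13" Image="C:\Program Files\Vendor\setup.exe" TargetObject="HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorAgent" Details="C:\Program Files\Vendor\agent.exe"',
    r'EventID="12" Image="C:\Users\alice\AppData\Roaming\invoice.exe" TargetObject="HKU\S-1-5-21-1004336348-1177238915-682003330-1001\Software\Microsoft\Windows\CurrentVersion\Run" EventType="CreateKey"',
    r'EventID="13" Image="C:\Windows\explorer.exe" TargetObject="HKU\S-1-5-21-1004336348-1177238915-682003330-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden" Details="DWORD (0x00000001)"',
]

if __name__ == "__main__":
    for f in detect_run_key_persistence(SAMPLE_EVENTS):
        print(f"{f.technique} [{f.severity}] {f.image} -> {f.target} = {f.details}")
```

The key-creation event (ID 12) is skipped on purpose: creating the Run key itself is routine, and the autostart target only appears in the value-set event. Matching on `\CurrentVersion\Run\` rather than on a full HKLM or HKU prefix keeps the rule working for both machine-wide and per-user hives.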
