General

  • Target

    70654 SSEBACT.exe

  • Size

    425KB

  • Sample

    211020-mst4maghd6

  • MD5

    d091b52256537e80e25c3f59918bf605

  • SHA1

    e11c107fc1db49c3507f82a4cda09152933f1660

  • SHA256

    e8bc8d3153a2c062963162ee1692fa67d84ddbb28bb4accc2673a99315f3068c

  • SHA512

    9b103b91dbb1092ac524cb76455d50fd32e24634e85d79a64fd28a232f7c504f2b63996449bf4940676d6ae9ba37dd6b3976a6ac2945678fbc637d52afccdfa5

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    smtp
  • Host:
    mail.timsonlogisticske.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    timsam2015

MITRE ATT&CK Matrix ATT&CK v6

Persistence

Registry Run Keys / Startup Folder

1
T1060

Defense Evasion

Modify Registry

1
T1112

Collection

Email Collection

1
T1114

Tasks