Overview

overview

10

Static

static

PO_SBK4128332S.exe

windows7_x64

10

PO_SBK4128332S.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PO_SBK4128332S.exe

  • Size

    396KB

  • Sample

    211020-pwrtsahhhk

  • MD5

    21f8f0c7c3a20cf495b776f34a9700ab

  • SHA1

    dbccc05967ca5dba0957b980861414ad00f9a1f1

  • SHA256

    cf16f6af27aef277eb68e81dce012ce2b3a5724ab9f0a6b95e53e50143743ec8

  • SHA512

    80383dd3f913299958cf65d7e2c835b4220bda9c596b094aa8db0f7ad03dbe459f5daceb986f1f8930cf415f7b4e662881faaf595e6ed0669c24fb737604182b

Score
10/10
agentteslacollectionkeyloggerpersistencespywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.mail.ru
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    xxxlahot2

Targets

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Registry Run Keys / Startup Folder

1
T1060

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks