Overview

overview

10

Static

static

FedEx Expr...43.exe

windows7_x64

10

FedEx Expr...43.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    FedEx Express AWB#5305323204643.gz

  • Size

    372KB

  • Sample

    211021-bajdmahfh9

  • MD5

    41a35c28e26250f9c07ce6634b7bc533

  • SHA1

    407b9ced6ae4908e452b629e999213ca27a24a94

  • SHA256

    a2449cb107f3e74a766f96fc424346e8836c717caba82cdd3779f0cf35e13832

  • SHA512

    bc0e9bdf648c53d7444fde3a3261509d32dbb11781c494675a65b954f9e86a488fc9f7ffc8466e46bb616b7b776d4c1a5866b521d1725b78211b85e57b9ca409

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    us2.smtp.mailhostbox.com
  • Port:
    587
  • Username:
    info@ntdcompany.com
  • Password:
    TOVSLRr7101

Targets

    • Target

      FedEx Express AWB#5305323204643.exe

    • Size

      417KB

    • MD5

      7e4e1691ae9d7f15a4dc9f78c2db3f73

    • SHA1

      637d60c20c46d023353e31883255ce8e215b16b1

    • SHA256

      8826fdc74e7f0d4237b8cc8b397061ca8124ae712be9d264e8ec6f65d7fdb905

    • SHA512

      f2848e95db9ba427d700e48f6aa5dba0fbb3ac20915fbeb15bff50100e7682971d00b3458eb3fd89731dcb1334528c668c5328ea32568c76370b37674eef1a9e

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks