Overview

overview

10

Static

static

DHL Delive...df.exe

windows7_x64

3

DHL Delive...df.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    DHL Delivery Invoice.pdf.exe

  • Size

    576KB

  • Sample

    211202-ktb84agfg5

  • MD5

    1c8452d15051907d3bc10de6ae00220f

  • SHA1

    22f840194dd125a4f416c9cf4f2daff13b0fcfc7

  • SHA256

    264b1ca9df86f0d722b98b6aebc1be86d4c342747b709113a4eca4d68fc0dbdc

  • SHA512

    ad72f89ea67b42268c5c43e3417bb8f179607743b68ca0f358306f2183a76cebff53153ef811b1f7f583a346af507d0cb9757bcccf64eb5858ed9d473d30d14e

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.yandex.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    marcellinus360

Targets

    • Target

      DHL Delivery Invoice.pdf.exe

    • Size

      576KB

    • MD5

      1c8452d15051907d3bc10de6ae00220f

    • SHA1

      22f840194dd125a4f416c9cf4f2daff13b0fcfc7

    • SHA256

      264b1ca9df86f0d722b98b6aebc1be86d4c342747b709113a4eca4d68fc0dbdc

    • SHA512

      ad72f89ea67b42268c5c43e3417bb8f179607743b68ca0f358306f2183a76cebff53153ef811b1f7f583a346af507d0cb9757bcccf64eb5858ed9d473d30d14e

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks