Overview

overview

10

Static

static

Proforma Invoice.exe

windows7_x64

10

Proforma Invoice.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Proforma Invoice.iso

  • Size

    330KB

  • Sample

    211202-qgjqasggdm

  • MD5

    15e334bb8feea661b040b3f375368e2e

  • SHA1

    8fff367d07098b5f087f727a12ef5b4baa64f3fd

  • SHA256

    5c192f1bdfd5def094b21193855d943ceb15cf7a9a57621b1ceac8c186ad0fc1

  • SHA512

    73462a67a57044c8a324932c1bfa9b2f4d749501617687c25d9b9eabe80cc17b716c8ce6ae456d1380d16722d54ece26ace1d418931cda6b300e76d28764a2f4

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    mail.croatiahunt.com
  • Port:
    587
  • Username:
    info@croatiahunt.com
  • Password:
    VilaVrgade852

Targets

    • Target

      Proforma Invoice.exe

    • Size

      269KB

    • MD5

      42c08daca71ce2bf1fcabb9d086ef74d

    • SHA1

      c208ce6676726ac3640f5b8abb86694e5e2869bf

    • SHA256

      96a5aa93e408361cc695ac8e9cdc3535c64bfd88b9ab60535683ddc488289eda

    • SHA512

      ea6ed2c0f5f5d92bb3cb7707e136c0f00d36fde3db0a96461a8a997e0c9796d23ad6af9279a7675c927f3ea13fc90f98a032080574284060e4dcee3107a9ccdb

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks