Overview

overview

10

Static

static

Dhl Document.exe

windows7_x64

3

Dhl Document.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Dhl Document.exe

  • Size

    712KB

  • Sample

    211202-tx4besadfn

  • MD5

    d57a8c6be775cfda05331c6eade17990

  • SHA1

    355ef1430b4d4a13f3e052c5a90d753f2b3aa217

  • SHA256

    755a275609bd07b357f67e004658587babe3dcbf96803542fa31a0aa7c46ca2c

  • SHA512

    4ec61523f4436d198fc4e45f528215d9d61084736aa2e98d081c4b5bc705f78edfa905cd9cd166318c752a8310ab5b1bf4cf8ef63a207240305995654aa6b594

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.4plqroup.com
  • Port:
    587
  • Username:
    vicalee@4plqroup.com
  • Password:
    onvavLf8

Targets

    • Target

      Dhl Document.exe

    • Size

      712KB

    • MD5

      d57a8c6be775cfda05331c6eade17990

    • SHA1

      355ef1430b4d4a13f3e052c5a90d753f2b3aa217

    • SHA256

      755a275609bd07b357f67e004658587babe3dcbf96803542fa31a0aa7c46ca2c

    • SHA512

      4ec61523f4436d198fc4e45f528215d9d61084736aa2e98d081c4b5bc705f78edfa905cd9cd166318c752a8310ab5b1bf4cf8ef63a207240305995654aa6b594

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks