Overview

overview

10

Static

static

DHL Shipme...df.exe

windows7_x64

3

DHL Shipme...df.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    DHL Shipment Notification 1953341372.pdf.exe

  • Size

    468KB

  • Sample

    211203-tdya3abhg6

  • MD5

    621452b83a5cdf0a1e03ea6d3c56c595

  • SHA1

    0710b1580784a673daeaef5aeb259f05df5aee1e

  • SHA256

    8bd946b1e3dc26464602dfc0f7de0b2bb90637f4774213c7dcbea93dcc0e02fd

  • SHA512

    ce9960e5b0c534186a547341130422e2f6c76983f5d03a0acb88447997c412aa3927c5b2b8725036ad10e393fe1895f2ac0972f35b8b712479d73f2e9f9830ab

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.yandex.com
  • Port:
    587
  • Username:
    negozio@depadova.cf
  • Password:
    graceofgod@amen

Targets

    • Target

      DHL Shipment Notification 1953341372.pdf.exe

    • Size

      468KB

    • MD5

      621452b83a5cdf0a1e03ea6d3c56c595

    • SHA1

      0710b1580784a673daeaef5aeb259f05df5aee1e

    • SHA256

      8bd946b1e3dc26464602dfc0f7de0b2bb90637f4774213c7dcbea93dcc0e02fd

    • SHA512

      ce9960e5b0c534186a547341130422e2f6c76983f5d03a0acb88447997c412aa3927c5b2b8725036ad10e393fe1895f2ac0972f35b8b712479d73f2e9f9830ab

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks