Overview

overview

10

Static

static

PO_AUXT2.exe

windows7_x64

10

PO_AUXT2.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bfdf578a59187996fbcee39433b5dad6c3018f89556d9e544c17eb2687af4abb

  • Size

    1.2MB

  • Sample

    220520-2wfsqsbahj

  • MD5

    d19a99b8494b3761b25166a477985753

  • SHA1

    76c059880047d9514aa4044191658fd92ca903f3

  • SHA256

    bfdf578a59187996fbcee39433b5dad6c3018f89556d9e544c17eb2687af4abb

  • SHA512

    87d000ea94aa511f374c6aeea38876221fff3eb5ef7710fd550a0d2abed48e4348710e16d2ff07a96e1fb98d78682b5bbbf73aa3cbabced54da01ad240781994

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.urban.co.th
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    Urban@1143

Targets

    • Target

      PO_AUXT2.EXE

    • Size

      693KB

    • MD5

      59377d421a5d8d2db2fb28b876ce842f

    • SHA1

      9d89884a4e810871e2784441d0628b1b3991f819

    • SHA256

      b1135688496020eb3e075121b22fb9c726c6021068ce415be82d8e48540dc563

    • SHA512

      ad26d71006cd7601cea7cd5c00d4e858b00876c30c475c79caa88aa20cefe3f8e87eb48bde48ff89a22588d8d4563d1ec287d695bad5166f169634545219563a

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks