Overview

overview

10

Static

static

20-06-17 E...SO.exe

windows7_x64

10

20-06-17 E...SO.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    88186de5b370f64ce578e59c6201e056cbf75379b9b7a1f3f41180027de63078

  • Size

    490KB

  • Sample

    220520-2xft5agbd9

  • MD5

    0bdd4575e24cda281657e929fce3203e

  • SHA1

    eabfa2fd113a01dc1c594d8d5e229d6134313e77

  • SHA256

    88186de5b370f64ce578e59c6201e056cbf75379b9b7a1f3f41180027de63078

  • SHA512

    bb49c8143c33b713949d98e0b45dcec55b4acf1743a6a3884a84d7f999c39346f70b72f48bbb39cdba177fd8184b067450fadc683b85712da7323bdff07f26c9

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    hitmanorigin.cf
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    Spoofyou2015$

Targets

    • Target

      20-06-17 Ekspla Qut..ISO.exe

    • Size

      428KB

    • MD5

      154a61c11f57ea053e033c44070a7075

    • SHA1

      e8eca87156a5e78df5202151749dc89b928a01dc

    • SHA256

      c6df18e549ea063da5203d4ea4f461441babd09131e227e2e638748127916564

    • SHA512

      989ac79b9c39e24a3992a7b85ff6ee428cd196d9ae14e8dcd49cf9ebeced1e7f065cec81be84b93b3af11ed7b8089680b867ac2f876e0f9bb89ca4bac15def2c

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks