Overview

overview

10

Static

static

Purchase O...20.exe

windows7_x64

10

Purchase O...20.exe

windows10-2004_x64

4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    405b27ce24ff7c6e7eb52b5680cb11106a51173f5e2320535923baa38e7b900f

  • Size

    504KB

  • Sample

    220520-2zepvagcd5

  • MD5

    c1b65c2defc029d906b7bda203d9080d

  • SHA1

    0c346495617eb1c4f047a8b9f1aa4b13cec82b29

  • SHA256

    405b27ce24ff7c6e7eb52b5680cb11106a51173f5e2320535923baa38e7b900f

  • SHA512

    183d61f7e7ed67d9a0956c01e111eaee9a8c738c2e7cb01f00d432c374d2a963ba597e84c1be8ae23aa91523b0c0c3499a1a189f6c376d38f2fb957865cff049

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    rodyorigin.cf
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    Spoofyou2015$

Targets

    • Target

      Purchase Order 072020.exe

    • Size

      444KB

    • MD5

      ca640401fff10aa01cff2d098411b845

    • SHA1

      1236531f23e84c85793121181af1f111ed187b06

    • SHA256

      adbb69f96dbc24c4fe050f4b99e01647393fb26cd482ddbcbf6faf23f6470be0

    • SHA512

      1dadff4601d9067b4a4190d73a795798023a696d3fb480725035e8732b6436e44c590cc910e1cab9c35fc633de6df2ccf8fb8e5a8253f202e796708242b33f20

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks