Overview

overview

10

Static

static

IMG SHIPPI...DF.exe

windows7_x64

10

IMG SHIPPI...DF.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    381f839ba0e1dc6c02db3aa353bfc55d96afc5e1d493810b79f8b76b4b5d1b9c

  • Size

    383KB

  • Sample

    220520-2zl4xsgcd8

  • MD5

    0a258bf3b12f2a4e83f61d9e7ea25a54

  • SHA1

    7fa6612065de422cb9f3b84780bee19cf3458788

  • SHA256

    381f839ba0e1dc6c02db3aa353bfc55d96afc5e1d493810b79f8b76b4b5d1b9c

  • SHA512

    fe8f03f0a32f67b9cb9522a41e25a2083e4c858a4b0cf24bc8b00828477ec3fcfb208c365a9e3c4c62de085fa68a70d486ee8d71b37a0dd4d2521900b31c996d

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    mail.candenizcilik.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    519025

Targets

    • Target

      IMG SHIPPING DOCS 24223_PDF.exe

    • Size

      425KB

    • MD5

      4a13e4535fb2b59386f867e9655c9173

    • SHA1

      d069643020dc029a453a068e796bc2cdb7c194e7

    • SHA256

      203094520d66c8d9f2e8206f09b90ead4c30dfe3fb3da274075fd00651d63de8

    • SHA512

      3675ac383314d6320ddef2baad02701a68033a719e90ce9696aa1a29143a74a1bfe584c42866119d5c89e7543407831f0d49de274c03f532cb01be839d1ba805

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks