Overview

overview

10

Static

static

Quotation ...FT.exe

windows7_x64

10

Quotation ...FT.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ed909a6f4c216cf34f87916768cd25084f9d76c986533e623b366da3cfbe2d95

  • Size

    486KB

  • Sample

    220520-3ll3facacp

  • MD5

    d7f3522413352ddec90f59025c9cc627

  • SHA1

    8e9e629a544a1b40092bc1d0d93f8f7478ccb63a

  • SHA256

    ed909a6f4c216cf34f87916768cd25084f9d76c986533e623b366da3cfbe2d95

  • SHA512

    91f1d6f0d8c426a22b98b5026fda26d3c8706a148da90ba2ce6c9450045de2c698f4ece845d7acdc8efd57230851159d1f69a21d8cd82418424c9bd271fa02ad

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.yandex.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    iykeraymond007

Targets

    • Target

      Quotation for MRS-KNRP-6842FT.exe

    • Size

      597KB

    • MD5

      0e05ba054cfa9fc01062106ecb7be866

    • SHA1

      f3c0fbaa86e07127ba64b8e4beed6e27b7420892

    • SHA256

      960bd8c97556103ef59589637bd1c9384a6a0cb8f0b6fb2e8b60864068102064

    • SHA512

      b9c8962ef8c66adcf4f0f089235f58086ec760612d740693cbff6d779ed4eedb09a6918d3cea5c4f21c5b12ee566d429688c7ce07114c96bf44c9be502a85fd4

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks