Overview

overview

10

Static

static

NEW ORDER ...df.exe

windows7_x64

10

NEW ORDER ...df.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cad144eefaf528cbbc2fa53039771d327f71aac6749c06ad815399a878fc3dcd

  • Size

    446KB

  • Sample

    220520-3tbxfaheb7

  • MD5

    1c5a9356300ef2b505d2c9fed27d3f53

  • SHA1

    0736bde36b4ae439d24bf9ea261a204a23698891

  • SHA256

    cad144eefaf528cbbc2fa53039771d327f71aac6749c06ad815399a878fc3dcd

  • SHA512

    1e3ec7508c1294f142dfc405d41c0378d40e593bb8ed6cf7951592c51b28c3b7d00e0271c30a1b818793646f6d01f08df5ab447f857a954b8d2c2dc8efa8faf8

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    us2.smtp.mailhostbox.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    sOeKk#E6

Targets

    • Target

      NEW ORDER INQUIRY-002692020.pdf.exe

    • Size

      564KB

    • MD5

      1f943e3d2d9d9e2bd4f44497764b8bcb

    • SHA1

      e52c0f0a003dd221a1cd0592767133044828835a

    • SHA256

      1382fdb29bab4fdfecdead8eb5d85d022a16d4f0286513b226745d890a3f47f4

    • SHA512

      f2e1e109669dd8a7c9967e8308df0a08b59e0c19c4fb41c88e913c32c29fafc883facfc0ca3ca0f9687fdb35c5c1f4cef09218c09af6e093572b462ee085490a

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks