Overview

overview

10

Static

static

Quotation ...FT.exe

windows7_x64

10

Quotation ...FT.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ad7b54611599e269afcf9494f72a7d6adb16e530c5bfbc07f239610969979903

  • Size

    515KB

  • Sample

    220520-3z92eshgh3

  • MD5

    440e1cbc092e5616620b03daf659f8b0

  • SHA1

    b24c4908b04db798bdf59f2f872df743f2d0bb19

  • SHA256

    ad7b54611599e269afcf9494f72a7d6adb16e530c5bfbc07f239610969979903

  • SHA512

    f75d615ab1769894eb655f4f50d1173ec609533d31b508027b8ea632199caaf830f7e715a492ac1813494af1731faccd6f1bd6581b506700b3bb5ed6fee8e4f6

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.yandex.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    chikaaka1

Targets

    • Target

      Quotation for MRS-KNRP-6842FT.exe

    • Size

      765KB

    • MD5

      1d5150fc0821efc48760b646df98209d

    • SHA1

      b4aef64f3772babfec0711cabeaa1a16441be950

    • SHA256

      63b6e03aef79da7003a5b919a58b496450ebcb0dc183985b48c5ed96868e05e6

    • SHA512

      16e6b9eed379b2ecb834a4c4048f21231e08a2b2220dbcf749904b91608330bac7ce1c008a50c60e917d042c527a54abad4db8c5fc5bd87e4613ee64711a647d

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks