Overview

overview

10

Static

static

RFQ REF R...df.exe

windows7_x64

10

RFQ REF R...df.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    967413f8a71a9d9e8430c41e655f6e8dffb2c73c4298597c658fe67a13a83b5f

  • Size

    470KB

  • Sample

    220521-ad4cjaaba3

  • MD5

    19bd246cb42c8aa52338fac6936c76f5

  • SHA1

    dadc29b900436a1eeaf4bff0fc4440088d3aece2

  • SHA256

    967413f8a71a9d9e8430c41e655f6e8dffb2c73c4298597c658fe67a13a83b5f

  • SHA512

    474d8d47cdc118e92ba51d9c5957c4dae0f59ded0ac369e0da9a127d21aa171390c3f9ab560759285844dca319b2123199a13f46d1fdad3b68db2bdc40e0a9f9

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    us2.smtp.mailhostbox.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    sOeKk#E6

Targets

    • Target

      RFQ REF R2100131410.pdf.exe

    • Size

      589KB

    • MD5

      7135204b519212aa7a5dba15c23ae113

    • SHA1

      ce5d702505bf3b3ad01452a124bb906122b40b31

    • SHA256

      a540201f44f378a2bcade1e6190cd5784ae7cc0bc0f1138436afeb7b10ef7050

    • SHA512

      308d936d09967f0558d315d1ca7ed08da10de5b3a4710c46db491734d493b1b2143e07d1f1f0b2729f0d7fb1846c9d9b55ad2e00af67b982ae36cec1b5d550e2

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks