Overview

overview

10

Static

static

DHL Shippi...nt.exe

windows7_x64

10

DHL Shippi...nt.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8f56128a9a34cb436de763077bac5bd250cb8ab8596bc71d17d8bd3f8d0e5d9b

  • Size

    364KB

  • Sample

    220521-affz1sabe4

  • MD5

    2ba270e0fb049067606af1cf9ac3583b

  • SHA1

    c8ee66e95f7dfc192a33ce912ce3a716cb33a532

  • SHA256

    8f56128a9a34cb436de763077bac5bd250cb8ab8596bc71d17d8bd3f8d0e5d9b

  • SHA512

    87177cc7c6f856492684e24b6694000630510af2bf647ce3a9cf1376f37771794ad218d2a5339def1c0457c02999711f7e606da9de7ad0f4776ed3a162a7964f

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    mail.chinagrill.co
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    SnIVrXH!]f1q

Targets

    • Target

      DHL Shipping Document.exe

    • Size

      549KB

    • MD5

      b651533ed654a64c4e72d09ea969739e

    • SHA1

      01c157b41ab07fe9ea2c67dee25656a87f8e6bb4

    • SHA256

      d7b503c1065388c0d28b93528745be46f6fc80ba358cad50ae05302785d1834b

    • SHA512

      aba61c7c988fe174d5f45461c564b7db068e0ec0a74f05e5531aa183139e054d3d03e2ffd4fa52412926876424bcb6de306b9d1121ad73cd75718260b9b5d3a0

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks