General

  • Target

    f1f8f546be67cb6b305f9becb9626603ff43236e14efe49520fa712a051662ae

  • Size

    381KB

  • Sample

    220521-bl3xeafbal

  • MD5

    cbf3c41a595c04b91cfbc987e563cb83

  • SHA1

    c5e1db705368a7cc458e4185f8bed895b4230a15

  • SHA256

    f1f8f546be67cb6b305f9becb9626603ff43236e14efe49520fa712a051662ae

  • SHA512

    35a43196bdd20fe95b0dcb3aeaebca91fffc9980251393a4d2bc5a310aa2835dbd8f32b90cfdcc58cb21a85e4b92052d46d2bcb47b68a03871b5e930ea5e72e5

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    smtp
  • Host:
    smtp.yandex.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    H(FPf]j;OgNA

Targets

    • Target

      NEW PO FROM MARUYAMA (SHANGHAI) TRADING CO.,LTD QTTY.pdf.exe

    • Size

      422KB

    • MD5

      22b8dfd2f7f440d02820e297db00f6dc

    • SHA1

      9372f127397aac0822881e5136252a5c9dbe0c28

    • SHA256

      227edfe5a3f405840f8be7a96d205ddbd66707829e0118f049f2917d28d2b142

    • SHA512

      eed77a4ae01e1e1e00577efb11a0a32612e51b6b0e2d4289eda71641bcb7af7e60b8dbea403ec504faef4dc6ae57796e7e724870e69f65ca4864ebd5c7191804
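The extracted configuration and the two hashed artifacts above are the actionable part of this report: the SHA256 values identify the submitted sample and the dropped lure, the lure name uses a double extension (.pdf.exe), and the AgentTesla build exfiltrates over SMTP to smtp.yandex.com:587. One caveat a practitioner should keep in mind: smtp.yandex.com is a shared, legitimate mail provider, so the host on its own is a weak indicator; the tighter signal is which process opens the connection (the mailbox name would be tighter still, but it is obfuscated on this page). The following Python script is an added example, not part of the sandbox output, that turns these indicators into a small triage check run over constructed endpoint events. The key=value event format, the mail-client allowlist, the double-extension list and the sample log lines are all assumptions made for illustration; only the hashes, filename, host and port come from the report.

```python
"""Triage the indicators from this report against endpoint telemetry.

Added example, not part of the sandbox report.  The event lines at the
bottom are constructed for illustration, and the key=value event format
is an assumption rather than any specific EDR's schema.
"""
import re

# Indicators copied from the report above.
IOC_SHA256 = {
    "f1f8f546be67cb6b305f9becb9626603ff43236e14efe49520fa712a051662ae",  # submitted sample
    "227edfe5a3f405840f8be7a96d205ddbd66707829e0118f049f2917d28d2b142",  # NEW PO FROM MARUYAMA ... .pdf.exe
}
C2_HOST = "smtp.yandex.com"
C2_PORT = 587

# smtp.yandex.com is a shared mail provider, so the strong signal is a process
# that is not a mail client talking to it on 587.  This allowlist is an assumption.
MAIL_CLIENTS = {"outlook.exe", "thunderbird.exe"}

# Lure filenames: a document extension immediately followed by an executable one
# (the extension lists are an assumption, chosen to cover the report's .pdf.exe).
DOUBLE_EXT = re.compile(
    r"\.(pdf|docx?|xlsx?|jpe?g|png|txt)\.(exe|scr|com|pif|bat|js|vbs)$", re.I)


def parse_event(line):
    """Parse one key=value event line into a dict; quoted values may contain spaces."""
    return {k: v.strip('"') for k, v in re.findall(r'(\w+)=("[^"]*"|\S+)', line)}


def classify(event):
    """Return the list of reasons an event matches this report (empty if none)."""
    reasons = []
    if event.get("sha256", "").lower() in IOC_SHA256:
        reasons.append("hash matches report IOC")
    image = event.get("image", "")
    if DOUBLE_EXT.search(image):
        reasons.append("double-extension lure filename")
    if (event.get("type") == "network"
            and event.get("dst_host", "").lower() == C2_HOST
            and event.get("dst_port") == str(C2_PORT)):
        proc = image.rsplit("\\", 1)[-1].lower()
        if proc not in MAIL_CLIENTS:
            reasons.append("SMTP to AgentTesla exfil host from non-mail process")
    return reasons


def triage(lines):
    """Return [(line_number, reasons)] for every event that matches."""
    hits = []
    for n, line in enumerate(lines, 1):
        reasons = classify(parse_event(line))
        if reasons:
            hits.append((n, reasons))
    return hits


# Constructed telemetry: events 1 and 2 should fire, 3 (Outlook) and 4 should not.
SAMPLE_LOG = [
    'type=file image="C:\\Users\\u\\Downloads\\NEW PO FROM MARUYAMA (SHANGHAI) TRADING CO.,LTD QTTY.pdf.exe" '
    'sha256=227edfe5a3f405840f8be7a96d205ddbd66707829e0118f049f2917d28d2b142',
    'type=network image="C:\\Users\\u\\AppData\\Roaming\\svchost.exe" dst_host=smtp.yandex.com dst_port=587',
    'type=network image="C:\\Program Files\\Microsoft Office\\root\\Office16\\OUTLOOK.EXE" '
    'dst_host=smtp.yandex.com dst_port=587',
    'type=file image="C:\\Users\\u\\Documents\\invoice.pdf" '
    'sha256=0000000000000000000000000000000000000000000000000000000000000000',
]

if __name__ == "__main__":
    for n, reasons in triage(SAMPLE_LOG):
        print(f"event {n}: {'; '.join(reasons)}")
```

Run against a real export, the hash check is exact, the filename check is a heuristic that will also flag unrelated droppers, and the network check deliberately ignores Outlook and Thunderbird so that legitimate Yandex mail users do not drown out the AgentTesla process. If the mailbox name from the config is available in your copy of the report, matching the SMTP AUTH username is the most specific indicator of all.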

MITRE ATT&CK Enterprise v6

Tasks