Overview

overview

10

Static

static

New Invoice.exe

windows7_x64

10

New Invoice.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    173fc366ab54d62ea63e9b029b0cce3af7bb64c8cd03de8adac0ed6a1b46e73f

  • Size

    339KB

  • Sample

    220521-bx49lsfgan

  • MD5

    2083aba03e226d7fb05b90d1c725ff6f

  • SHA1

    661eeb730c63487adb853157f8491ae895065b78

  • SHA256

    173fc366ab54d62ea63e9b029b0cce3af7bb64c8cd03de8adac0ed6a1b46e73f

  • SHA512

    560cd9ae2e94fdddf61319c2d5a6e86b6cd0cb53b5722a90cf0eccdf60cc14cd7b6b5a7bd85626bd7bfe7f6f0b43eecadcb30f3a198b4f5ec3e9a5228d1df969

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    us2.smtp.mailhostbox.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    js}$_IlwF1q4

Extracted

Credentials

  • Protocol:     smtp
  • Host:
    us2.smtp.mailhostbox.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    js}$_IlwF1q4

Targets

    • Target

      New Invoice.exe

    • Size

      380KB

    • MD5

      4d8a5a46678a71f749136077b0c37124

    • SHA1

      35f39c9216f11a2e8a6a5df78ade47b8c653c9f9

    • SHA256

      c37040b100e234734d7e3c86f6de4eeafb4b07096c57cb37d2717aa37a64f330

    • SHA512

      ab157a836ad9c578e1846f575ab18989b238e38833efca3e33179049b82778c9aa52e5ce6185d9eaafe2a4ad75c3423d203fa084757daa97e6ff61757bac5842

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks