Overview

overview

10

Static

static

9

Documents-564687.exe

windows7_x64

10

Documents-564687.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    98378154f85e59288dadca8307160f6e5cdc24b384a5a31822f36344778987c1

  • Size

    395KB

  • Sample

    220521-cylz4aefg2

  • MD5

    50613c6cc51a80836b2829450f5448ea

  • SHA1

    e404de1b622a7986105a78fce0c7e23d660b04e9

  • SHA256

    98378154f85e59288dadca8307160f6e5cdc24b384a5a31822f36344778987c1

  • SHA512

    4b760e380cb19ac2672121240e8a5f2201a9f00a3e2c2c37bb315544beff520dacdc4af08f2e7a7f5dca9ce9f09f14d017e492d95f3bfd6d9709b55b3a1bee90

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    mail.dhaidtravels.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    Dappa@@432

Targets

    • Target

      Documents-564687.exe

    • Size

      436KB

    • MD5

      6059ad5ce911e42a68593ac5d2445b1e

    • SHA1

      4f025f925dc0ce0b06cf368fbfb559efe4884312

    • SHA256

      36a03b97c28620a2da908370d7505c714e9863bf3c328152e1a4a69fc40a54e4

    • SHA512

      4649bfaef5e1d312e58d6c7bc79a3d2dabc97bdc3ba309c5e3b24a3afb356bc78a381fcbb37c6724c64687ebf08abc24bc29d2eae9d64bca3a7eb8d2522917f9

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks