Overview

overview

10

Static

static

5

Purcahse Order.exe

windows7_x64

10

Purcahse Order.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    68366fbfc371a00988bb89cfda2b233eef766df1eaafbafbcf0233c0e3ef96b0

  • Size

    1.0MB

  • Sample

    220521-m8k6nagdbj

  • MD5

    0b2a5d2fea9c4d8800d761ab8074ec19

  • SHA1

    119e2301ebc708f651b94617cf21cd80841e2c7e

  • SHA256

    68366fbfc371a00988bb89cfda2b233eef766df1eaafbafbcf0233c0e3ef96b0

  • SHA512

    48acdbc3e43d174f939aeefe6c75a2bfe2f3a1668ded16595f0f240e6af4c1ce13ccd90633191f9b7b533c2811b05a276130eb4dac35e66a7707048d31c7fb45

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    us2.smtp.mailhostbox.com
  • Port:
    587
  • Username:
    barry@haulifeng.net
  • Password:
    $WgsN%^7

Extracted

Credentials

  • Protocol:     smtp
  • Host:
    us2.smtp.mailhostbox.com
  • Port:
    587
  • Username:
    barry@haulifeng.net
  • Password:
    $WgsN%^7

Targets

    • Target

      Purcahse Order.exe

    • Size

      1.4MB

    • MD5

      cd98063489088c8d9fdd75d9a91bd325

    • SHA1

      94e59c14b25fcef95a86d32cd0ff1886236ec162

    • SHA256

      10c418adf1fc625bede0ca0fdb71bafbba3570e99e96f44f362b82ac34b78626

    • SHA512

      9fe9b7f2f53f07a9ed80459aa09270a5535b01bb1f716aec461240be2e075a5ca146c89684b1963d8333f666ac82dfc132c8d8b88aa495fd66e799b6199679a1

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks