Overview

overview

10

Static

static

5

Payment_Advise.exe

windows7_x64

10

Payment_Advise.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3240f44bcafec1f5f6ad81f9b3f34143b58c1160d124054c627f03166bf26104

  • Size

    946KB

  • Sample

    220521-m9bzdagddr

  • MD5

    76955742a1ec93be1612839eef1f8731

  • SHA1

    095b37037ebc39f267b2422cb3ed284c5f715465

  • SHA256

    3240f44bcafec1f5f6ad81f9b3f34143b58c1160d124054c627f03166bf26104

  • SHA512

    8b236045b2f6119f4bede2d027241326da7086cb49dad8d2f63d5e7166e80d53a7c54e9e44fc4688bb792a7362c81c0b827f3294106c705448a6484ba15234c3

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.slmmoworldfood.com
  • Port:
    587
  • Username:
    socarfunds2@slmmoworldfood.com
  • Password:
    Starghost@1011

Targets

    • Target

      Payment_Advise.exe

    • Size

      1.3MB

    • MD5

      35ba2f1359c8ff10a5e81a3bfdf0700a

    • SHA1

      4d54f2dedc27042ce5902d86121fa76b276fecf1

    • SHA256

      b7c73253efc4d93712eab9dbfb67d98c2f23b03858682e01e88f489ade8ab971

    • SHA512

      25cc02cf32635bb9d9d4b3f3fb0532d86e01b2f0f4b5bb7ef73fe37d291e156ed328f0211e6bb07709a3026437d8cb49a1b44be55179e62559d7954f9d2f626b

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks