Overview

overview

10

Static

static

5

Zahlung.exe

windows7_x64

10

Zahlung.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    096f3bb0acffadae7895343a2f64bd0bb2d848d262fbbf2fc59f5af9ac5f7152

  • Size

    1.6MB

  • Sample

    220521-m9r1ladcg4

  • MD5

    32d35af7590d35b60beeb145e9139822

  • SHA1

    87b9c0e3a054e6e963e361f72bc2a02f9ad2253f

  • SHA256

    096f3bb0acffadae7895343a2f64bd0bb2d848d262fbbf2fc59f5af9ac5f7152

  • SHA512

    304b834d587535a4545eb3e966dafc1a766bce24b8577c14e46e57c9f67224df85271bab1d56719ba5850037bffb74331b98a5926c658e3934dd5faaf726ad06

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     ftp
  • Host:
    ftp://ftp.mse.com.cy/
  • Port:
    21
  • Username:
    bugattimse@mse.com.cy
  • Password:
    (tKJ.wvnN~5d

  • Protocol:     ftp
  • Host:
    ftp://ftp.mse.com.cy/
  • Port:
    21
  • Username:
    bugattimse@mse.com.cy
  • Password:
    (tKJ.wvnN~5d

Targets

    • Target

      Zahlung.exe

    • Size

      2.0MB

    • MD5

      e9f5e50cfee388f751791f18120a9c36

    • SHA1

      1e05216f6cc5e90afb451a0dff9be523bfbce725

    • SHA256

      2ecec86e3f7d5b1f6c34862adb0235467bc29b0eccbd356d7b4a3051fcdf05c7

    • SHA512

      eb7a870f461d5e909f0ca6f803ec194c44068329313e59b6c4c662b5131fe45b0727fd11e796cedfd67e2ca7db8de66991d2e290f892f52e5f81b9843d63e7fb

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks