Overview

overview

10

Static

static

5

Purchase_O...20.exe

windows7_x64

10

Purchase_O...20.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dd1e5f110d011e4037fddb9af20ff6072831732aeddfbb0286bfea8b2c316631

  • Size

    947KB

  • Sample

    220521-mm35cacaf5

  • MD5

    97c5f799d0b39884b27dec44901e36a4

  • SHA1

    b5230eee88a24d5a8d45303249ee2a523a37ede7

  • SHA256

    dd1e5f110d011e4037fddb9af20ff6072831732aeddfbb0286bfea8b2c316631

  • SHA512

    f9704a6e5c12ff50859f938c338f6e648b5f83f06839146c265b5fdb3f9c704f3a49cfc0586d483e20be77de4158e05d917d4cfbb04195d7a012f350b0ce2893

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.poongln.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    qwA*haO2

Targets

    • Target

      Purchase_Order_06092020.exe

    • Size

      1.3MB

    • MD5

      928759eb97e1f91002f40e4dbfc6e915

    • SHA1

      4408033df66fc210652d5110dbcead2f0df30398

    • SHA256

      f415c372a8189ef9c11af791c64d35cd6bebf3d65fb295f9f5aaf04138a44abd

    • SHA512

      c18799a3dc14cde8eaabb8debbf8d455f8d53edce6c37193242d70315c7be79294bca86e24934f338a22597c0b895a7e9e6f432c88dfb0a51672c646daebf672

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks