Overview

overview

10

Static

static

5

June_Order.exe

windows7_x64

10

June_Order.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a161ea90bcb892ba6a437d46db7a200e35c5e37786282f06c2926c601cb46fb0

  • Size

    1.0MB

  • Sample

    220521-mm59psfbgq

  • MD5

    04cb64f263b8d5ca150327b91c1cac34

  • SHA1

    ccccc9835ed8313a2d8c7c1b27f83a76d2a0ee66

  • SHA256

    a161ea90bcb892ba6a437d46db7a200e35c5e37786282f06c2926c601cb46fb0

  • SHA512

    4b35e97ac74cab678004d828b5058254251a0805f51e7fff042cbd5a8c6982a38bfc3fb421c31df23d100929b5f784a932c5788c446b1689d60fb052a8783a3b

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     ftp
  • Host:
    ftp://ftp.bmdonline.ro/
  • Port:
    21
  • Username:
    webhost@bmdonline.ro
  • Password:
    Dc~b!v(&D##4

  • Protocol:     ftp
  • Host:
    ftp://ftp.bmdonline.ro/
  • Port:
    21
  • Username:
    webhost@bmdonline.ro
  • Password:
    Dc~b!v(&D##4

Extracted

Credentials

  • Protocol:     ftp
  • Host:
    ftp.bmdonline.ro
  • Port:
    21
  • Username:
    webhost@bmdonline.ro
  • Password:
    Dc~b!v(&D##4

Targets

    • Target

      June_Order.exe

    • Size

      1.4MB

    • MD5

      a67a1b3058424475c2356a0c0c0b910f

    • SHA1

      01110987b248a3a7b55c9dee2980fd704a016135

    • SHA256

      155065582ffa38e73b116c0d434fbcc4a5a3a1c860e018d0b921301be4187edc

    • SHA512

      e3ad8de9350be77900ffdf47b6f8a51167c2b2b354fa1ec178ddbe07b6cee9e68f7c42a28a7307b22c2ea16106aacb1c6c0f900f0de0a2311d275d16fb19f046

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks