Overview

overview

10

Static

static

5

Commecial Invoice.exe

windows7_x64

10

Commecial Invoice.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cf863194128f139a25c094066a68be70995e6d5be58fe6a8b5a406e1b0140846

  • Size

    1004KB

  • Sample

    220521-mm7sjacaf8

  • MD5

    900861624b224ce89c743c4da389dee0

  • SHA1

    b9df76cdfc5b98683f33c5a23c5b0bc826b5915b

  • SHA256

    cf863194128f139a25c094066a68be70995e6d5be58fe6a8b5a406e1b0140846

  • SHA512

    ccfc36f0e6c517c1b9d705227c1499865cb40b942536d7d60406f52942d8cb205254c2700b077d8f7220d57df0a95125f98e1fb04e64c20572227cf7a7de29b5

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.yandex.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    kaka1234@1@1

Extracted

Credentials

  • Protocol:     smtp
  • Host:
    smtp.yandex.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    kaka1234@1@1

Targets

    • Target

      Commecial Invoice.exe

    • Size

      1.4MB

    • MD5

      20bb48a4b3b4f0a778a4e0afe2dc3502

    • SHA1

      15d30fce8dd2e5a351df54cb3cf298417bae2ded

    • SHA256

      be823d1cf2f6d602b91ec0b226fcb8a393f15efd519ddea975a2dfc6fa348195

    • SHA512

      e49b554ec89ba5651bf7c8ee7b2b1285054d2d88f5b7271c258c134c3aa1e02c38a9199815539efada1dfb3d8509bd46c6bb9a4e8253e55404bbfaaba4b30f65

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks