Overview

overview

10

Static

static

5

PAYMENT SLIP.exe

windows7_x64

10

PAYMENT SLIP.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6e570e257e1d6f826a8ed9ee4d46aa69e36fd6f0fddd57f432f993fdaf4fc237

  • Size

    1005KB

  • Sample

    220521-mm8d3acaf9

  • MD5

    8eab84ad3fb44465f006c9b78b3e847c

  • SHA1

    608c72b3c06c2e550d41c36df373457e183f0c0a

  • SHA256

    6e570e257e1d6f826a8ed9ee4d46aa69e36fd6f0fddd57f432f993fdaf4fc237

  • SHA512

    a15e9cd956c4c39b353b13f3fb4a0a6edf5e1c5b8b477076be38c5b1a55f63a6cb899cfd917863b3631ceaedcaec3a49b1c3b741b8e799c61c535fa02d970afd

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    us2.smtp.mailhostbox.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    KoKrjnZ3

Extracted

Credentials

  • Protocol:     smtp
  • Host:
    us2.smtp.mailhostbox.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    KoKrjnZ3

Targets

    • Target

      PAYMENT SLIP.exe

    • Size

      1.4MB

    • MD5

      5d401208a61eb45a0a42ace4528329a7

    • SHA1

      511d9b22cd5a565d336e6ecf1b63740d3a2450aa

    • SHA256

      9350e2b52b57a3f17169e6b46a888559dea995d2de8c61a4cdbcbb340d530dff

    • SHA512

      0df3663866ff9ee19c033ecbf820e68acdc35f4b14866884713e609e1a63932e658b201c89dfbd98754079a9adb9c7532029c48e513f0227f3736e2cd16e3804

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks