General

  • Target

    222dc9a4a007d7a4931d1f47fbda1c456bcc7b63120661dc37faa94d5b05b279

  • Size

    1002KB

  • Sample

    220521-mm9bcsfbgr

  • MD5

    6b6836b71b73323f7a16589df749b0bd

  • SHA1

    131dfa76e83a2d5f959ea02e5fac063fea288ec0

  • SHA256

    222dc9a4a007d7a4931d1f47fbda1c456bcc7b63120661dc37faa94d5b05b279

  • SHA512

    3d9b42b0e828e7b8220d77ad7db3135b09eb20afc02832ae8e8fd54b713ff2e701229cce0a9cad52196833b71b976b8f38cb956cc0e398924fa6366853763222

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    ftp
  • Host:
    ftp://ftp.solarcenter.ro/
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    RSv%AL{k~wATNN@ossyguru@00998877

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.solarcenter.ro
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    RSv%AL{k~wATNN@ossyguru@00998877

Targets

    • Target

      Transactions_PDF.exe

    • Size

      1.4MB

    • MD5

      719651a5704d90840383ffdbc52f6034

    • SHA1

      c8a0833be3b2eace573afb47478368dc909ce94e

    • SHA256

      c5c2b440e9d6a0b947db4f5769fd36c844c107db1df8e05f2a06104c4462c95a

    • SHA512

      c6f14d35378ebf29562fdfe4de5edbec8cb3edbc52a5e64711e8f6d12f687481304a59804217e7fe6de792ee7313f67d348c907f59cbf0ce07e784b301304d3c

MITRE ATT&CK Matrix ATT&CK v6

Collection

Email Collection

1
T1114

Tasks