Overview

overview

10

Static

static

Candidate_list.exe

windows7_x64

Candidate_list.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4774f1a474d46ccab2dd8608a78d41f9cc0365c7f106608641c33a46c9fe86e3

  • Size

    313KB

  • Sample

    220521-nb2mtaddf4

  • MD5

    1d31a19b07378a7745a685d094737e97

  • SHA1

    07897e3c1a0d2e6874df1b777a5b7c690b1dd510

  • SHA256

    4774f1a474d46ccab2dd8608a78d41f9cc0365c7f106608641c33a46c9fe86e3

  • SHA512

    7385b938ea2f6f035f46b0e92c21b600189d9761ab4238d41844ac52483cf0189565110ada706c278e6a01f37aa6ec9f374dcc3ee789ca5ee24eff30e348860b

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    mail.prime-lawfirm.com
  • Port:
    587
  • Username:
    batoul@prime-lawfirm.com
  • Password:
    P@ssword201?

Targets

    • Target

      Candidate_list.exe

    • Size

      331KB

    • MD5

      db1cba646f5432bc3e528e9d67f9fc01

    • SHA1

      0f5d941c986623b79484fdde2ce0d8f278163956

    • SHA256

      75ce329091d54aa2fcf6cd6f58704493e0f4ac878279c49db239140051341931

    • SHA512

      9a51cb0c4e1d9803cbc38f816d44a3ddb8d0f74a7d84a27465f94242e1a2cf926abd8b7a8048e9ced176c0a855a770daee6d89c128e88d49626413b866c6ee90

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks