Overview

overview

10

Static

static

NEW ORDER.exe

windows7_x64

NEW ORDER.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    15a1b67790a0987de991ac047a02598a92f7894033acb6313b4641034d194743

  • Size

    416KB

  • Sample

    220521-ncejnsddg9

  • MD5

    2a6568269ef45d1d625f3d597dd63f24

  • SHA1

    c583d2b5c98c2f0e1e8de2bf829cc7671ffda6e1

  • SHA256

    15a1b67790a0987de991ac047a02598a92f7894033acb6313b4641034d194743

  • SHA512

    a3a280bdcd0160f3cee9be1b3f8bc420265ad4089c09fe769f5088f18a223dd1b27f8707c51b50b3c2586e21b610060e929eec4e65568c8ffea392cb74110a3b

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.yandex.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    vicanto1994

Targets

    • Target

      NEW ORDER.exe

    • Size

      502KB

    • MD5

      8ee2fd0821f0f98ff8132239b1dc6a46

    • SHA1

      5803e378096ba15c495d4b69243e3c996d3ce1bd

    • SHA256

      9b31ec2416aaf3b9d3490dc46a2b4a925f42165685b4adf828289dade16c5205

    • SHA512

      65a331b8e59f0337be0e13c43619280d0569ee36a716e4a943f26b6a88af947456bcf8070839d2c2708befa6c273c7348d1c59c054dc68a0099f4b5c26b06fcc

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks