General

  • Target:
    INV_swift_advice_26092022000000000000000.exe
  • Size:
    365KB
  • Sample:
    221003-hsnjmacda5
  • MD5:
    72f30db13d792c09e2e907b441f50192
  • SHA1:
    f7bf5d8c198ff7387702b34c8db27595fd38906f
  • SHA256:
    b872a0afdf50b5355b2edc24683e885c326202b19c4aa3edec81af090fa93756
  • SHA512:
    cdf3cf88b1f4a3b1110810a32c8eece9df8f0fa04bb19e1f173154678f2f35d30e03e7747ca639afebfaab1ffcb800696dd8a9be4bc95814456ffd1224b83bd4
  • SSDEEP:
    3072:nKjc4Sh/1pi3lOh39b96OFXio205b4TxHTC7tsisD8Wrk784a0S4XPv9Wb+9wqYl:nKjA3i3AVFyoQzC5wHKthS4/vobKi

Malware Config

Extracted

  • Family:
    agenttesla

Credentials

  • Protocol:
    smtp
  • Host:
    smtp.botswlogistics.com
  • Port:
    587
  • Username:
    limitless@botswlogistics.com
  • Password:
    *(QSTCj8

MITRE ATT&CK Matrix ATT&CK v6

  • Collection (1 technique):
    Email Collection (T1114)
