agenttesla | af67a45e0e8523ba84843a8c829539a2131af3a4e8a2a0f9c74a24326d4ac6b0 | Triage

Sharing

General

Target

1472-65-0x0000000000400000-0x000000000043C000-memory.dmp
Size

240KB
Sample

221123-mpke1shh3t
MD5

23358260c9e35455092f39ec0bd247fa
SHA1

100b3198bcd1f71d2f7be1a5733f2b6d29ae6b66
SHA256

af67a45e0e8523ba84843a8c829539a2131af3a4e8a2a0f9c74a24326d4ac6b0
SHA512

f3ed5a1288323ac4d32f77bac3890ee4570a0bc094aae830db54eba67a0a6f3c74cb5d6d5851a85853f28049c6ede46285af8fc70313bcf2b8a2ede1e19389ff
SSDEEP

6144:mGdCSsCU9Ti/4tUM7pN6Xji2yWHo+trNA0:/dU2/4t2Fo+I0

Score

10^/10

agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.akademetre.com
Port:
587
Username:
[email protected]
Password:
st6473

Targets

- Target
  
  1472-65-0x0000000000400000-0x000000000043C000-memory.dmp
- Size
  
  240KB
- MD5
  
  23358260c9e35455092f39ec0bd247fa
- SHA1
  
  100b3198bcd1f71d2f7be1a5733f2b6d29ae6b66
- SHA256
  
  af67a45e0e8523ba84843a8c829539a2131af3a4e8a2a0f9c74a24326d4ac6b0
- SHA512
  
  f3ed5a1288323ac4d32f77bac3890ee4570a0bc094aae830db54eba67a0a6f3c74cb5d6d5851a85853f28049c6ede46285af8fc70313bcf2b8a2ede1e19389ff
- SSDEEP
  
  6144:mGdCSsCU9Ti/4tUM7pN6Xji2yWHo+trNA0:/dU2/4t2Fo+I0
Score

7^/10
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2