Overview

overview

10

Static

static

1

Maerskline...27.exe

windows7-x64

10

Maerskline...27.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Maerskline New Shipment-SOL10123127.exe

  • Size

    893KB

  • Sample

    230328-hvy35sbc6x

  • MD5

    4d624a352c28ce4c34314ccbe132d66e

  • SHA1

    a81242531f9dd095edce3a0147445c30bf321cf3

  • SHA256

    c97771c3c9da5cec4bb033a94ac643eab26d44c4e58e9e073465799244ca4a57

  • SHA512

    b5296e6901ea70cc2bd53044743a8749f799869c0115e500421805ee89985a655ee67c509424817a750760c3a1964cc564f00ab436672e199718e1d03fdd262c

  • SSDEEP

    24576:O74X1DgHnkOZ23YOPM7mn0NMWeopAJ2rgVR:vNGkb3YO90NMW1ASg

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    us2.smtp.mailhostbox.com
  • Port:
    587
  • Username:
    amanni-logs@brightwatar-energy.com
  • Password:
    y$j$wdV7@@33255
  • Email To:
    amanni-logs@brightwatar-energy.com

Targets

    • Target

      Maerskline New Shipment-SOL10123127.exe

    • Size

      893KB

    • MD5

      4d624a352c28ce4c34314ccbe132d66e

    • SHA1

      a81242531f9dd095edce3a0147445c30bf321cf3

    • SHA256

      c97771c3c9da5cec4bb033a94ac643eab26d44c4e58e9e073465799244ca4a57

    • SHA512

      b5296e6901ea70cc2bd53044743a8749f799869c0115e500421805ee89985a655ee67c509424817a750760c3a1964cc564f00ab436672e199718e1d03fdd262c

    • SSDEEP

      24576:O74X1DgHnkOZ23YOPM7mn0NMWeopAJ2rgVR:vNGkb3YO90NMW1ASg

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks