General

  • Target

    3yP227L-67450-08E3B108009BDD55246fffa3560.txt

  • Size

    964KB

  • Sample

    230330-mwehcadg6t

  • MD5

    f962f944f891ed40f73a7b63b34a5c93

  • SHA1

    4651a08d44d1e31b807fd56550a10bec89738fb5

  • SHA256

    656f08f66aac9f481e1403076c0e88732309d9dc8fe7fba6f1adc4c8e4488f7d

  • SHA512

    ba15dc4b5c60202ce568c0d40b3f8d3d5b1f6031e7ea5209bf3ef3e3862cada0b70f61579c01c829d699c17a880ca7bc145d48cc7c35c70d04161b7712474802

  • SSDEEP

    24576:pXK2nWikO7bWtHqGrEN4yBYXPE9q79a/mm/1B:parikXENYPEcW

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    smtp
  • Host:
    mail.mbarieservicesltd.com
  • Port:
    587
  • Username:
    saless@mbarieservicesltd.com
  • Password:
    *o9H+18Q4%;M
  • Email To:
    iinfo@mbarieservicesltd.com

Targets

    • Target

      orden de ##compra.r09

    • Size

      429KB

    • MD5

      184ee15738a3057a38833e3b4fbb522a

    • SHA1

      a9efde6409144686905e5d3945c26f77a7380bb1

    • SHA256

      e3d6bd35558702ac5335dc818b6bb8a576f1ade7c5963667a600ca0a5f3267ec

    • SHA512

      54f59ebc7a27c9bf584e5576b6927b6d90237aba7ea81987756688722e59c7ecd81213f66374d27171ff06180e8be0231059ed3d903f52bfcef9fc21242ad3e5

    • SSDEEP

      12288:IaQVM8LHmtGdrX0J4maBtiqFnvi7rvUUu9Vd:QVMSrX04BtTFnq7r81v

    Score
    3/10
    • Target

      orden de ##compra.exe

    • Size

      449KB

    • MD5

      05ecc56527fcba96bbac7cb98ea2e9fd

    • SHA1

      09e3ec61ae4e9d32f905cadff6e380350eb36c82

    • SHA256

      8bfbb0ea2d51386413aaf7cb64ee4191ebdf511a8c0a07bc6d755376bf014ae8

    • SHA512

      a3e69e632b16ceea3dcfb048f2c3fe24ecb236c29dbaba98449c3f48f67505cecafea32db686a09aa6d5fdcf11732c42b1e2ee99a698b7a6da2c75fb8fd7a2ea

    • SSDEEP

      6144:c/AHjYh29QTrUwbB25+bZ3OV/ijNonSWqivSptk57tt43fN6YNfGewTAya70:XKPtB0+8Uj+zmtkW3sYNfGTA

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

System Information Discovery

1
T1082

Collection

Email Collection

1
T1114

Tasks