Overview

overview

10

Static

static

1

8cf5cff320...e7.exe

windows7-x64

10

8cf5cff320...e7.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    87c8443a664240d005a686eb2e10506f.bin

  • Size

    186KB

  • Sample

    230610-b4hzysef8x

  • MD5

    2e9c6c9255cc5be2177276c5741e8827

  • SHA1

    678a3bd1859c6a143eb76a11bb7126aaf84cd93b

  • SHA256

    6c3e01448f668b90fcda200458e4505ac2677e72201d2b7b7e5ee6202e2fe3d4

  • SHA512

    1a4e75d9e0d3351090b5a92361b740828eab57a10566f6df573eada7fcc35c86d54db2392bf871b9ae5ecf16015e59c902d53f234257789ca73465a07965fa73

  • SSDEEP

    3072:bbGdjbD7HLEQN9mtOI/40ZyYf2CoRukBsKfI1KCdW/g52YZv9EX29Vcn3t4nLKef:3Gd/D7gQN4QTRucsB0Xg52cv9LVoOn7f

Score
10/10
agentteslacollectionkeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     ftp
  • Host:
    ftp://ftp.ocp.mx
  • Port:
    21
  • Username:
    useme@ocp.mx
  • Password:
    lasco4000

Targets

    • Target

      8cf5cff3205cf674ee41d3f7b7fe10ff2aaaf578cbf0da49c9f8be27054f84e7.exe

    • Size

      223KB

    • MD5

      87c8443a664240d005a686eb2e10506f

    • SHA1

      8e6b12aa9c0a245b9a025ed37161a7bd4a7c675b

    • SHA256

      8cf5cff3205cf674ee41d3f7b7fe10ff2aaaf578cbf0da49c9f8be27054f84e7

    • SHA512

      2f53f5cad7adc76c9ad5308598356b6dade3647a20897fb21f79c058eaffacb8beaa2749edad35a8e08248419c98d04b9190bc98619f7dc11901c4d1b5e2d33c

    • SSDEEP

      6144:OmpbEf1ei2XTQTMGoW0orTO1r0JTbav6+fSvj5:OdZ2XMTMQdvY0Tbav6+fS

    Score
    10/10
    agentteslacollectionkeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks