General

  • Target

    06122023_1525_orden de compra.PDF.7z

  • Size

    392KB

  • Sample

    231206-h87x7sce92

  • MD5

    d86a4896ad7c1a5907ee02c9364b87e7

  • SHA1

    01bdffafe3130398d855ed0ef8fe2704c5c7be40

  • SHA256

    3e4c047f46a99f4c9de4a0bf082a4ea88b9ed665bac6b66459964a925831ccf9

  • SHA512

    989bad7154091635e70ea097e3f8bf005aa2f22573d37c77091c1a1b3919c3fd07f09c98a5899a85d3199b7848a58e01c5378506fba135700fcb0423ff4f54f6

  • SSDEEP

    6144:18RM5hc4BMPsRZgXy73pe2WnUfZ36KAJ95MVq8iFart49SHQBi:1aM0PUoi7wJn9aVqharJHQi

Malware Config

Targets

    • Target

      orden de compra.PDF__________________________.exe

    • Size

      429KB

    • MD5

      bdf2b3b191432b2beb2d9280bc15cfc5

    • SHA1

      490bdef6de2ea69eb1363e4dc790e132e4b73a3b

    • SHA256

      fd1e71506e6acef86142f01c0f8550f6c8908b7337b86b627ace2af6cbda1453

    • SHA512

      c37b9994381c17a9a3e3576b0ddfd4a77d56deeb6529c19033138a2cfe7d016c4e9a1ee1cbfd8723bac1121a42d8bef9941212262c27f3dd74d780eea72bad2c

    • SSDEEP

      6144:Z8LxB9Z0Q7EjnhEXc0ZBnVHlN4T6XoFy8RiwjiI0CAi2FCnfSDRWXHSAu:eZ17ghr0rnLN4T6Gy8905FCnqAXfu

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in Visual Basic.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, where infostealers often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Accesses Microsoft Outlook profiles

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks