General

  • Target: 013288d86412f1ab6839deb1562ec98ba6dad27e0e847a1a7b5526a7737a62d7
  • Size: 620KB
  • Sample: 240328-bj1n9scd8t
  • MD5: 6aff7fae411e1e1f8619f554512d6c91
  • SHA1: 66970f2a85c3c2fbf27b8fd85ffa6089eceaeabc
  • SHA256: 013288d86412f1ab6839deb1562ec98ba6dad27e0e847a1a7b5526a7737a62d7
  • SHA512: aebbec988c1f18701707b693a7bc88aac612c1610edb8809e65737297c487572986523edd2cde5dc6524f4c7476da06bbb6350dccfd881c4df8b6790d97231be
  • SSDEEP: 12288:3YFP0VEOR1PSrJJ1KkEGzcQVfukwgjPaxi10YtFnnL7Wu/NkDqD:3WO3SrJJ1pXVfuOiKJW0P

Malware Config

Extracted

  • Family: agenttesla
  • C2: https://api.telegram.org/bot7131275962:AAE-dJRIntufGLICZWLXrTBpxMw_24XDbCc/
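The extracted C2 is a Telegram Bot API base URL, so the bot token embedded in it (the `bot<id>:<secret>` path segment) is both the exfiltration credential and the most specific network indicator this report yields. The following is an added example, not part of the sandbox report or of the sample: it parses the extracted URL into bot id and secret, produces a defanged form for reporting, and runs a detection over a few constructed proxy log lines. It assumes the Telegram Bot API URL shape `https://api.telegram.org/bot<bot_id>:<secret>/<method>`; the log lines and the `sendDocument`/`sendMessage` methods in them are constructed for the demo and are not taken from the report.

```python
"""Parse the extracted Telegram Bot API C2 and look for it in proxy logs.

Added example, not part of the sandbox report. Assumptions: Telegram Bot API
URLs follow https://api.telegram.org/bot<bot_id>:<secret>/<method>; the log
lines below are constructed for the demo and are not from the report.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# C2 exactly as extracted from the sample's config on this page.
SAMPLE_C2 = "https://api.telegram.org/bot7131275962:AAE-dJRIntufGLICZWLXrTBpxMw_24XDbCc/"

# <bot_id>:<secret> is the bot token; the method (sendDocument, sendMessage, ...)
# is optional because the extracted config stores only the base URL.
TELEGRAM_BOT_RE = re.compile(
    r"https?://api\.telegram\.org/bot"
    r"(?P<bot_id>\d+):(?P<secret>[A-Za-z0-9_-]{30,})"
    r"(?:/(?P<method>\w+))?"
)


@dataclass(frozen=True)
class TelegramC2:
    bot_id: str
    secret: str
    method: Optional[str]  # None when only the base URL is present

    @property
    def token(self) -> str:
        """Full bot token as Telegram expects it in the URL path."""
        return f"{self.bot_id}:{self.secret}"


def parse_telegram_c2(text: str) -> Optional[TelegramC2]:
    """Return the first Telegram bot endpoint found in text, or None."""
    m = TELEGRAM_BOT_RE.search(text)
    if m is None:
        return None
    return TelegramC2(m["bot_id"], m["secret"], m["method"])


def defang(c2: TelegramC2) -> str:
    """Defanged, secret-redacted form that is safe to paste into a ticket."""
    return f"hxxps://api[.]telegram[.]org/bot{c2.bot_id}:{c2.secret[:4]}...[redacted]/"


def classify_log_lines(lines: List[str], known: TelegramC2) -> List[Tuple[int, str, Optional[str]]]:
    """Tag each line that talks to a Telegram bot endpoint.

    'known_c2'            the token matches the extracted config
    'other_telegram_bot'  a different bot token; still worth triage when the
                          client is a workstation with no reason to use the Bot API
    """
    results = []
    for i, line in enumerate(lines):
        hit = parse_telegram_c2(line)
        if hit is None:
            continue
        verdict = "known_c2" if hit.token == known.token else "other_telegram_bot"
        results.append((i, verdict, hit.method))
    return results


# Constructed proxy log lines (not from the report): time, client IP, method, URL, status.
SAMPLE_LOG = [
    "2024-03-28T09:12:04Z 10.0.0.21 POST https://api.telegram.org/bot7131275962:AAE-dJRIntufGLICZWLXrTBpxMw_24XDbCc/sendDocument 200",
    "2024-03-28T09:12:05Z 10.0.0.21 GET https://www.microsoft.com/ 200",
    "2024-03-28T09:13:11Z 10.0.0.33 POST https://api.telegram.org/bot123456789:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/sendMessage 200",
]


if __name__ == "__main__":
    c2 = parse_telegram_c2(SAMPLE_C2)
    print("bot id:", c2.bot_id, "| defanged:", defang(c2))
    for idx, verdict, method in classify_log_lines(SAMPLE_LOG, c2):
        print(f"line {idx}: {verdict} ({method})")
```

Matching on the full token rather than on `api.telegram.org` alone keeps the exact-C2 hits separate from generic Bot API use, while the second verdict still surfaces other bot tokens from hosts that should not be talking to Telegram at all. Keep the redacted form for reports; the raw token is a live credential for the attacker's bot and should be handled like any other secret.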

MITRE ATT&CK Matrix (ATT&CK v13)

  Tactic                Technique                          ID         Count
  Privilege Escalation  Abuse Elevation Control Mechanism  T1548      1
                        Bypass User Account Control        T1548.002  1
  Defense Evasion       Abuse Elevation Control Mechanism  T1548      1
                        Bypass User Account Control        T1548.002  1
                        Impair Defenses                    T1562      3
                        Disable or Modify Tools            T1562.001  3
                        Modify Registry                    T1112      4
  Discovery             Query Registry                     T1012      1
                        System Information Discovery       T1082      3

Tasks