General

  • Target

    50f0889e1b72316ac38fcd41e667da22_JaffaCakes118

  • Size

    387KB

  • Sample

    240517-xel6zadb5z

  • MD5

    50f0889e1b72316ac38fcd41e667da22

  • SHA1

    3b12c09887303bfe42b30559fe22381184cfcb48

  • SHA256

    d2778835fde0fcfab3f1a69cef61e1c677c275ff0d57e0051c59d6af9d7114ce

  • SHA512

    80e855e11bff0ac20cbc81c51a9e8fd7392073eb9dd0fa3bdfb448c5ecd91755c5d7fbf1e13b267ccc0cca1989a09ade94cc4a7ce69bda1b34b7ecb3947baff0

  • SSDEEP

    6144:FUj/wAQQlZIsAaiPLRQKu38GWQD31OzUDRrjrBEEsaxW4MujFbXPAuy08CO/:Fq+QlaNdQKgFlFrOEsa8Luthyt/

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    smtp
  • Host:
    mail.appraisal-hub.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    Kumasi12345009

Targets

    • Target

      $TEMP/12.opends60.dll

    • Size

      53B

    • MD5

      daa2b2b53c73519e2cfe5239a33d7fe2

    • SHA1

      4cdc35f6b76191dfb8045ffa68994ad7d470491a

    • SHA256

      079bbc83ae9ecb7d781bd24eedbaeee2b58009906739990c97a0976ab9332e81

    • SHA512

      2130e15a5686ee1788c29c2022922c128257eb7c45313b49dd2946a23c9d9a78b7cb0ad3c700b2c3ffdd9225b5d9a020de9b4a01114d771c4a850507f72e950c

    Score
    1/10

    • Target

      $TEMP/BeauxSparable.dll

    • Size

      76KB

    • MD5

      99236dd796d2adf3c6260b3eecd5dfb5

    • SHA1

      a43863c63204c2b202d3477dfeb9521c21daaa48

    • SHA256

      e5d68b9bcf465b0d46d697770bad54c5dbb106b45e55b37f80eaf7e0422d0f6d

    • SHA512

      5312fbc934221f1931b78caf3d1137183167f4bbbde4f76dc4836a5c728f9523b50d8b1d62af17c8b0962b4a5901bafba339e230e20b9eb41802c8afb0810cda

    • SSDEEP

      768:7WZE8CmBTlm6uQLAmtlSKAS58/yAQ/Ku3bZQhtVtZCLJb:7xRmqOAmDSR5m9Q5tZCL9

    Score
    1/10

    • Target

      $TEMP/MakeZipExe.exe

    • Size

      19KB

    • MD5

      c1fd440232b406dbe0c31d95ef15c10f

    • SHA1

      0fed2783db14580235ff0376994739b1dd2124bd

    • SHA256

      7e5a89afe60f7ba8bb14d8cd1b090e6f9c51a8632469daa9d58a5e3567f5c87d

    • SHA512

      305e303cf3ad3db2a2b94e35de4129fbd8202ed6e7cdd817e18fca3a8f8bb126c9f3bc0faf9a2ac27b70d01f5367889493b02d5eba709182b062cbe6be05bd8a

    • SSDEEP

      384:TcPmQYQjKtNFWM3TsiHg6ihJSxUCR1rgCPKabK2t0X5P7DZ+v8WLiW:mFYSMDnFRJBh

    Score
    1/10

    • Target

      $TEMP/VsMacroHierarchyLib.dll

    • Size

      9KB

    • MD5

      fa8b9b8c019621ee87f6dc589a50db99

    • SHA1

      77bb7e8137d83ebea08f6b65e1e94ffa4559b2d4

    • SHA256

      165882e496e37ceb73174d921d7a07de38750c5e43f2bc4f0f8a052faa5a5b97

    • SHA512

      814528a1946ac2678962a8646cb8daceceb6a9fd5d140b49150f06ca4926d20267632fdc48a2cd7c3adca841a727d4c56255de8fdeb758d0195ef69a83c2dbee

    • SSDEEP

      192:XIsTTrfr6EL3h02hTnq9yQUkwkwE+254QQ06iy3kiXzFjeoU1gtldhT9xyWQNB67:XIsrrDKPUD4LKQQtiyUijkoUKnPTHyW5

    Score
    1/10

    • Target

      $TEMP/pragmatics.exe

    • Size

      48KB

    • MD5

      08c2ab35984a38de2f56de4e026d4410

    • SHA1

      5e9f64c1cbe546a899f8903f38d42cd830474068

    • SHA256

      0a46cc80a4ade0fd9c11947000295a1243902c17c82ec8c1e8eae99c3a46f288

    • SHA512

      3828d6e7259a08d335fe34b2589db948f89b98a0a67a5275070bb9528709db88ed1726cd2e9fdfafaebf0cf45a4f1cd77ff84dc68f464ead44967ce3dda0fd01

    • SSDEEP

      768:Ba/zEsxrPPqSmhTUrDAatzWP8HM+3LEtTw:qtVPPqFWAaVWP8NwtTw

    • Target

      $TEMP/resToResX.exe

    • Size

      38KB

    • MD5

      8952521941dbe005a4ac2fe8a88aba2c

    • SHA1

      b5114de8c2e78d72ec8ddb6ab7bcb02b1bb5291f

    • SHA256

      3a530aacf477d005147c3b3a782b96a7c9a8a17a0a3e163be255ca8a133ea430

    • SHA512

      a79f7bd27370578be53e1ff46dbe52fc95c153c7213ad9ca5d2206c3d6e8ad315bb98058ad8d806aa33affc1c22c9784ba73b2e7da20b36dd77421f85a90d0ba

    • SSDEEP

      384:J1rc09Z2gN3uUXCKDWK93bZ3Jd0Oi9jqUOJesaxdu/+lW8wWhLCcMe/oTC4:H12jUXCH4rSqFCbU+17L3d/o+4

    Score
    1/10
