General

  • Target:
    1120-3378-AWB.exe
  • Size:
    1.4MB
  • Sample:
    200624-vre6dbqh6a
  • MD5:
    fd23513eaf9fcb99845b6b518fafa080
  • SHA1:
    9dd54f29b70f8852988b523caebd908cfcbcbf07
  • SHA256:
    a91a2b8234a4b5a0fcd701970e05a01d153cd65ff27ed7e35fe603e3a59eaa40
  • SHA512:
    6e67e3b59500ca6f78f280ea4b841296c70cb9ade0fb625ca9c332aa5513b0a0e771a083eb34bdfd93e7665d7a4d03845fe8c187e090ee7d22d470e2633191e4

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    smtp
  • Host:
    mail.edaraproperty.net
  • Port:
    587
  • Username:
    wt.security@edaraproperty.net
  • Password:
    WEST##963852741

Targets

    • Target:
      1120-3378-AWB.exe
    • Size:
      1.4MB
    • MD5:
      fd23513eaf9fcb99845b6b518fafa080
    • SHA1:
      9dd54f29b70f8852988b523caebd908cfcbcbf07
    • SHA256:
      a91a2b8234a4b5a0fcd701970e05a01d153cd65ff27ed7e35fe603e3a59eaa40
    • SHA512:
      6e67e3b59500ca6f78f280ea4b841296c70cb9ade0fb625ca9c332aa5513b0a0e771a083eb34bdfd93e7665d7a4d03845fe8c187e090ee7d22d470e2633191e4

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence:
    Registry Run Keys / Startup Folder, T1060 (1)
  • Defense Evasion:
    Modify Registry, T1112 (1)

Tasks