Overview

overview

10

Static

static

order587458.exe

windows7_x64

10

order587458.exe

windows10_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    order587458.exe

  • Size

    408KB

  • Sample

    200630-51qz86a8mx

  • MD5

    f4305f4e50460977b0ff2431b9757439

  • SHA1

    17742bda937de344a656ac5b743456b466ad8e6b

  • SHA256

    4c72144a1bf6af1702d13a66880820fb987125f63216a40e627ad963b85eeb39

  • SHA512

    b36d6a4ba3e98d398b4001862036fc1080ef52b7898bcec50fd2d0e43957aa7c44f3395e222bd1bec8b0cf95cdacac5e2b4d556535f42669f5c56a55e99fe3f7

Score
10/10
agentteslakeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    smtp.yandex.com
  • Port:
    587
  • Username:
    j.koskela@yandex.com
  • Password:
    voice5&&*489

Targets

    • Target

      order587458.exe

    • Size

      408KB

    • MD5

      f4305f4e50460977b0ff2431b9757439

    • SHA1

      17742bda937de344a656ac5b743456b466ad8e6b

    • SHA256

      4c72144a1bf6af1702d13a66880820fb987125f63216a40e627ad963b85eeb39

    • SHA512

      b36d6a4ba3e98d398b4001862036fc1080ef52b7898bcec50fd2d0e43957aa7c44f3395e222bd1bec8b0cf95cdacac5e2b4d556535f42669f5c56a55e99fe3f7

    Score
    10/10
    agentteslakeyloggerspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks