agenttesla | 6d0e896d138e1e12f3c29a4fe7b91618774a7aa59fe1a818853d32c8b06786f4 | Triage

Submit
Reports

Overview

overview

Static

static

1

A007 Termbase.msi

windows10-1703-x64

A007 Termbase.msi

windows10-2004-x64

6

A007 Termbase.msi

windows11-21h2-x64

6

Sharing

General

Target

A007 Termbase.msi
Size

26.4MB
Sample

240427-2j8yraab48
MD5

0d74999e3ce596667b1cef92ebac05fa
SHA1

f4cecf3d7f2563b5c74c86f744061e338d2d3421
SHA256

6d0e896d138e1e12f3c29a4fe7b91618774a7aa59fe1a818853d32c8b06786f4
SHA512

e36740d392e751e94f3273d68e6235b03b96ca5f9a63f33ea0a7b3a19545be1cc889aa245c4a85a318e2b36cbcc31c356911476a58d24c9f16f4a18fd419f245
SSDEEP

786432:UeBHVLpoSprl9J1P2nYOWMzgpEH68ppppppppb:U21poSRPynwMzgpEa8ppppppppb

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

A007 Termbase.msi

Resource

win10-20240404-en

agenttesla keylogger spyware stealer trojan

windows10-1703-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

A007 Termbase.msi

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

A007 Termbase.msi

Resource

win11-20240419-en

windows11-21h2-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  A007 Termbase.msi
- Size
  
  26.4MB
- MD5
  
  0d74999e3ce596667b1cef92ebac05fa
- SHA1
  
  f4cecf3d7f2563b5c74c86f744061e338d2d3421
- SHA256
  
  6d0e896d138e1e12f3c29a4fe7b91618774a7aa59fe1a818853d32c8b06786f4
- SHA512
  
  e36740d392e751e94f3273d68e6235b03b96ca5f9a63f33ea0a7b3a19545be1cc889aa245c4a85a318e2b36cbcc31c356911476a58d24c9f16f4a18fd419f245
- SSDEEP
  
  786432:UeBHVLpoSprl9J1P2nYOWMzgpEH68ppppppppb:U21poSRPynwMzgpEa8ppppppppb
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

behavioral3

© 2018-2024

Terms | Privacy