agenttesla | d8525b2302c08306f63aa470ca7e081dbf35669af349cd1224d1485ecff71d43 | Triage

Submit
Reports

Overview

overview

Static

static

PO-3756632...LS.exe

windows7_x64

PO-3756632...LS.exe

windows10_x64

Sharing

General

Target

PO-37566324756834756_XLS.exe
Size

714KB
Sample

201109-tmpywtgene
MD5

b56b7bea3cd94a84afa1024aea59ac6d
SHA1

4d95aee7d7ad2463e0c5a47687057bd390df6430
SHA256

d8525b2302c08306f63aa470ca7e081dbf35669af349cd1224d1485ecff71d43
SHA512

c5791e1a79e8ca31a5ddc14d7ed7c071bfcc518d5e2a5bed8c6c1ec5d08962a3d3bf83833024d6de819d90b173eff0ad06ab0b89415990c24e17926c40f4105f

Score

10^/10

agenttesla snakebot keylogger snakebot spyware stealer trojan

Static task

static1

snakebot snakebot

Behavioral task

behavioral1

Sample

PO-37566324756834756_XLS.exe

Resource

win7v20201028

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

PO-37566324756834756_XLS.exe

Resource

win10v20201028

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.karcek.com.tr
Port:
587
Username:
info@karcek.com.tr
Password:
Ahmet.6193

Targets

- Target
  
  PO-37566324756834756_XLS.exe
- Size
  
  714KB
- MD5
  
  b56b7bea3cd94a84afa1024aea59ac6d
- SHA1
  
  4d95aee7d7ad2463e0c5a47687057bd390df6430
- SHA256
  
  d8525b2302c08306f63aa470ca7e081dbf35669af349cd1224d1485ecff71d43
- SHA512
  
  c5791e1a79e8ca31a5ddc14d7ed7c071bfcc518d5e2a5bed8c6c1ec5d08962a3d3bf83833024d6de819d90b173eff0ad06ab0b89415990c24e17926c40f4105f
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

snakebotsnakebot

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy