SecuriteInfo.com.Trojan.GenericKDZ.73120.3552.2561

Target

Size

1MB

Sample

210223-6lj5pg8eqe

Score

10 ^/10

MD5

ed6841cbc5206942dd2e812f7855b156

SHA1

3b51ff4aa0b8d39e6d6e2df5b19a47b06898ab21

SHA256

0381c68c02579ec24cbc328815c87c9aa49833ae2ddc321780fe9881234a2f80

SHA512

5ffef1b2aab994e2694d0a1a0d2e9c9866e006f34cdc838b63d8f806042ed42d7ba7965a1cd71ffa3836bfc804f402b52af4d7d63de5b41d28f3e6e0250335e1

Extracted

Family	agenttesla
Credentials	Protocol: smtp Host: smtp.yandex.com Port: 587 Username: armyscheme@yandex.com Password: browse9ja

Target

SecuriteInfo.com.Trojan.GenericKDZ.73120.3552.2561

MD5

ed6841cbc5206942dd2e812f7855b156

Filesize

1MB

Score

10 ^/10

SHA1

3b51ff4aa0b8d39e6d6e2df5b19a47b06898ab21

SHA256

0381c68c02579ec24cbc328815c87c9aa49833ae2ddc321780fe9881234a2f80

SHA512

5ffef1b2aab994e2694d0a1a0d2e9c9866e006f34cdc838b63d8f806042ed42d7ba7965a1cd71ffa3836bfc804f402b52af4d7d63de5b41d28f3e6e0250335e1

Signatures

AgentTesla

Description

Agent Tesla is a remote access tool (RAT) written in visual basic.

Tags

keylogger trojan stealer spyware agenttesla
AgentTesla Payload
Suspicious use of SetThreadContext

Related Tasks

behavioral1 behavioral2

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

behavioral1

agenttesla keylogger spyware stealer trojan

10^/10

behavioral2

agenttesla keylogger spyware stealer trojan

10^/10

Extracted

Tags

Signatures

AgentTesla

Description

Tags

AgentTesla Payload

Suspicious use of SetThreadContext

Related Tasks

static1

behavioral1

behavioral2