agenttesla | 6bb23e46084db2109b99ead9b3c6cf74b49b3650d948c6c55b7d42babe48cad5 | Triage

Submit
Reports

Overview

overview

Static

static

KIS PRODUK...R .exe

windows7_x64

KIS PRODUK...R .exe

windows10_x64

Sharing

General

Target

KIS PRODUKT FIRST ORDER.rar
Size

392KB
Sample

210225-vmfpr19wgn
MD5

dfac5f3cf859e00aa0c6053532ea618f
SHA1

9141584fc80d32780b23776148660fc9c1efccad
SHA256

6bb23e46084db2109b99ead9b3c6cf74b49b3650d948c6c55b7d42babe48cad5
SHA512

3842ad98d373102ad34ed9b00126d5265ae25abb944f3299e16bcb86c5936cc543e05b11d94516b4294a1fc6c135cf9db605f7c5b564d95f873432ef8a8d44db

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

KIS PRODUKT FIRST ORDER .exe

Resource

win7v20201028

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

KIS PRODUKT FIRST ORDER .exe

Resource

win10v20201028

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.privateemail.com
Port:
587
Username:
[email protected]
Password:
GODBLESSUS123

Targets

- Target
  
  KIS PRODUKT FIRST ORDER .exe
- Size
  
  488KB
- MD5
  
  45daadab1091bd723b6fbce89854db81
- SHA1
  
  c428a55ec3a57fa18d9b850688231fc6497bba27
- SHA256
  
  1f0f56584763c573ef925d19b1169c11b650d670f01f201bd465bbd44549cd39
- SHA512
  
  e66507226dad7ef3bcee65950969a1852ccd0d2544b17f028926978daf3514026964fc5c8735b4f6b91c35af982a060c84c8500075f8a44b546c81f19193fe32
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy