agenttesla | ea14b2f05572c2086fbede5fde7c6b94b4f9a2d378680c656510f32bd1445e39 | Triage

Submit
Reports

Overview

overview

Static

static

RFQ pdf.exe

windows7_x64

RFQ pdf.exe

windows10_x64

Sharing

General

Target

RFQ pdf.tar.gz
Size

408KB
Sample

210226-7wefgqxnw2
MD5

677f7c3940ef835ff36bb7ac948bf805
SHA1

ae06c4ce12b656be056cc366b4661cd84b19d674
SHA256

ea14b2f05572c2086fbede5fde7c6b94b4f9a2d378680c656510f32bd1445e39
SHA512

63c3053b7f9afa6bb6a99346a9a09fc721b463e7e2c55a7de601e0c23a2e61fcf7681e397df3ec3bf6f90572e54b9c27502d479bc7924929f4e48ceb8ec7d271

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

RFQ pdf.exe

Resource

win7v20201028

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

RFQ pdf.exe

Resource

win10v20201028

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.hermanusbearings.co.za
Port:
587
Username:
[email protected]
Password:
$Victory2019$

Targets

- Target
  
  RFQ pdf.exe
- Size
  
  527KB
- MD5
  
  0835d407446f230b2118ba9f5a0d76d0
- SHA1
  
  6629c2d479fff511f903bf7a6489dd67f82e8bae
- SHA256
  
  80622d6bf536ca1e21f411864d3c4af7f4ebded98ea3aeeb6c99b964b247e3ca
- SHA512
  
  6633ac50c911cc578da47a0374b6bd2ec205990a5ee718fb1412291247f717a304d230fecb877b9316a9c095fc74b61bf69158e5dbca696656fe6d2851aa97d1
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy