agenttesla | bb1e3ad092ad8a8dde5bdef74e649335873c3ac56d73418aebdbe1c72eef8590 | Triage

Submit
Reports

Overview

overview

Static

static

Messages Alert.exe

windows7_x64

Messages Alert.exe

windows10_x64

Sharing

General

Target

Messages Alert.zip
Size

401KB
Sample

210227-b8khm1w2v6
MD5

c0ace61ff47cd0eeea23f38e4258de8d
SHA1

9dfd2cd47844d774e0dc05b457779887803c78c4
SHA256

bb1e3ad092ad8a8dde5bdef74e649335873c3ac56d73418aebdbe1c72eef8590
SHA512

1ce1169f93ba337daea23287793ff320e4465b27ca8d4d15a0aead8f07dfa21352de5f403afea60ebed3b2fc0fb9e69306ffc287c8c706523c20c7cb56f73c3c

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Messages Alert.exe

Resource

win7v20201028

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Messages Alert.exe

Resource

win10v20201028

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://files.000webhost.com/
Port:
21
Username:
zinco
Password:
computer147

Targets

- Target
  
  Messages Alert.exe
- Size
  
  803KB
- MD5
  
  fa0bbf76dff6292d4191c425ec4f505c
- SHA1
  
  ec7a66b5e97febb2fed980579a349b95ae1060c0
- SHA256
  
  93c685198f362c176d9272eae67c9001559190c3cad3c9184aafda48cb005c03
- SHA512
  
  ca18b5644a6da28250f6ede38371503a55ffbc84685b9c99007d4862650fe15207baaf55fc4e4326cf669037d9b2f5dc56ca51ba162e7c36b80b7b28e2bd7f58
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy