CT_7093164285.exe

Target

CT_7093164285.exe

Size

852KB

Sample

210408-gtbsjxwrbx

Score

10 ^/10

MD5

4115754d5b0d6ab49aed7fdde034d04a

SHA1

6eb5fbd8c35001249521652c36c0cb9feccddbbe

SHA256

67e40f25962f1a77b84cc4a4b990bf99041924736e11b55e74edef29816ef3ec

SHA512

27b8c0c266d8836499c3e1c4496569cd23364f925933708e1ced61ed682eae1733919c6e09e4e2f0dcd1e2d5bd76a8843f1b0b6b89a95ae779d04cfd1c00a012

Extracted

Family	agenttesla
Credentials	Protocol: smtp Host: mail.chrismehat.com Port: 587 Username: market@chrismehat.com Password: vStcCO~Cyox6

Target

CT_7093164285.exe

MD5

4115754d5b0d6ab49aed7fdde034d04a

Filesize

852KB

Score

10 ^/10

SHA1

6eb5fbd8c35001249521652c36c0cb9feccddbbe

SHA256

67e40f25962f1a77b84cc4a4b990bf99041924736e11b55e74edef29816ef3ec

SHA512

27b8c0c266d8836499c3e1c4496569cd23364f925933708e1ced61ed682eae1733919c6e09e4e2f0dcd1e2d5bd76a8843f1b0b6b89a95ae779d04cfd1c00a012

Signatures

AgentTesla

Description

Agent Tesla is a remote access tool (RAT) written in visual basic.

Tags

keylogger trojan stealer spyware agenttesla
AgentTesla Payload
Suspicious use of SetThreadContext

Related Tasks

behavioral1 behavioral2

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

System Information Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Scheduled Task

Privilege Escalation

static1

behavioral1

agenttesla keylogger spyware stealer trojan

10^/10

behavioral2

agenttesla keylogger spyware stealer trojan

10^/10

Extracted

Tags

Signatures

AgentTesla

Description

Tags

AgentTesla Payload

Suspicious use of SetThreadContext

Related Tasks

static1

behavioral1

behavioral2