agenttesla | 2bab90115e107a01e2382c39f56afb09b4dcf0e788270d34867b83c872286295 | Triage

Submit
Reports

Overview

overview

Static

static

OC_UNMSM 5904263.exe

windows7_x64

OC_UNMSM 5904263.exe

windows10_x64

Sharing

General

Target

OC_UNMSM 5904263.exe
Size

805KB
Sample

210408-mhsavgzxcx
MD5

47ae34010e760d2a6d5487710e21db4d
SHA1

30c5995c0cd40ad5102953bef4e591bed55749b7
SHA256

2bab90115e107a01e2382c39f56afb09b4dcf0e788270d34867b83c872286295
SHA512

141687376bcc04744ba66c72cf0e1bc33a1db1550b3c10157f7d1dbc4db6168d9f85576f129d8f5b448ef6d6341bee3b5bea2de9e262c152e9a82771c1bb3eaa

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

OC_UNMSM 5904263.exe

Resource

win7v20201028

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

OC_UNMSM 5904263.exe

Resource

win10v20201028

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.chrismehat.com
Port:
587
Username:
market@chrismehat.com
Password:
vStcCO~Cyox6

Targets

- Target
  
  OC_UNMSM 5904263.exe
- Size
  
  805KB
- MD5
  
  47ae34010e760d2a6d5487710e21db4d
- SHA1
  
  30c5995c0cd40ad5102953bef4e591bed55749b7
- SHA256
  
  2bab90115e107a01e2382c39f56afb09b4dcf0e788270d34867b83c872286295
- SHA512
  
  141687376bcc04744ba66c72cf0e1bc33a1db1550b3c10157f7d1dbc4db6168d9f85576f129d8f5b448ef6d6341bee3b5bea2de9e262c152e9a82771c1bb3eaa
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy