agenttesla | f00c9450706beb17b5cc705f2e5cfe7c509f1776e3f4de99d9b3dddb7e7660a1 | Triage

Submit
Reports

Overview

overview

Static

static

MedNet

windows10_x64

Sharing

General

Target

documents and Details.bin
Size

618KB
Sample

210423-hbl28srkw2
MD5

d7d91766708bfa54f07cb2ed6e9e4620
SHA1

6afb76623f6bdf88b0a867648a1ea38d230e5e10
SHA256

f00c9450706beb17b5cc705f2e5cfe7c509f1776e3f4de99d9b3dddb7e7660a1
SHA512

95e18cdb4d3145c614e583591a1727e54b3e07c57f750096b8354d654fa48589a04d88d5178556bbef4732b254dc24584d93fecb35ef668788338eda33a659e1

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

documents and Details.bin.exe

Resource

win10v20210410

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://files.000webhost.com/
Port:
21
Username:
zinco
Password:
computer147

Targets

- Target
  
  documents and Details.bin
- Size
  
  618KB
- MD5
  
  d7d91766708bfa54f07cb2ed6e9e4620
- SHA1
  
  6afb76623f6bdf88b0a867648a1ea38d230e5e10
- SHA256
  
  f00c9450706beb17b5cc705f2e5cfe7c509f1776e3f4de99d9b3dddb7e7660a1
- SHA512
  
  95e18cdb4d3145c614e583591a1727e54b3e07c57f750096b8354d654fa48589a04d88d5178556bbef4732b254dc24584d93fecb35ef668788338eda33a659e1
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy