agenttesla | 8858d58aa00f3a59e599698f4498162684a4b3f44eef47d12aeb0e3ea9bf6fcd | Triage

Submit
Reports

Overview

overview

Static

static

PO NO 1667...72.exe

windows7_x64

PO NO 1667...72.exe

windows10_x64

Sharing

General

Target

_PO NO 16670,16671,16672.gz
Size

579KB
Sample

210423-jzyw1q1agn
MD5

918653aaa65aa4a72c4ca8833fc974a1
SHA1

76a2c83a01a430d2481d8ba0dcf933dd882b6348
SHA256

8858d58aa00f3a59e599698f4498162684a4b3f44eef47d12aeb0e3ea9bf6fcd
SHA512

3b38e7ad597ab910671208206c8665b3ef05ce236517e939cc9f4866187108f8c27a58b6fe75350c0de5fc38d04216b81ba0ad866eef6348e744ced11131e5f3

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

PO NO 16670,16671,16672.exe

Resource

win7v20210410

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

PO NO 16670,16671,16672.exe

Resource

win10v20210410

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.tph-buasysteme.com
Port:
587
Username:
d.furchtmann@tph-buasysteme.com
Password:
kApkjKY8

Targets

- Target
  
  PO NO 16670,16671,16672.exe
- Size
  
  876KB
- MD5
  
  4b2da32775bb69ef313a77ed01c63ca5
- SHA1
  
  0f50b7d0721304ccf5c02a23da6a640980b2a24f
- SHA256
  
  e2ea537c8c7c8b76704a156bbf478fedb4464a9bc4dbd1468938c29c8e8b4ea9
- SHA512
  
  c1259c26ce296e18acfece290b771fcdf01dc47ee2074fd129da0a684f65ba2fb7b250e1a2685e50600faedbf7dd2ca6905e00aefcc82b37ac5bafc7421a2f2a
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy