agenttesla | 226055fd9a87d3bb38acb21c4d3dd7222d600003c72fab036286b9b15b233518 | Triage

Submit
Reports

Overview

overview

Static

static

EXW QUOTATION.exe

windows7_x64

EXW QUOTATION.exe

windows10_x64

Sharing

General

Target

EXW QUOTATION.exe
Size

651KB
Sample

210504-mgp1335rte
MD5

b6e6ec67a638e2ee7344d847a749ded0
SHA1

9da346f12d9bd00d454a219f73fe628dbf408817
SHA256

226055fd9a87d3bb38acb21c4d3dd7222d600003c72fab036286b9b15b233518
SHA512

227f0ced3757b765e8f7e474dd7bcbf8bebd185172e0601649df422dce5e454d0abc4ef0a30c5aa23941d926176fe0c85b186bc4c956acc820f8e29fc95ccbe2

Score

10^/10

agenttesla keylogger persistence spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

EXW QUOTATION.exe

Resource

win7v20210410

agenttesla keylogger persistence spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

EXW QUOTATION.exe

Resource

win10v20210408

agenttesla keylogger persistence spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
server126.web-hosting.com
Port:
587
Username:
jokelogs@omnlltd.com
Password:
E#@Dfb$LbM)M

Targets

- Target
  
  EXW QUOTATION.exe
- Size
  
  651KB
- MD5
  
  b6e6ec67a638e2ee7344d847a749ded0
- SHA1
  
  9da346f12d9bd00d454a219f73fe628dbf408817
- SHA256
  
  226055fd9a87d3bb38acb21c4d3dd7222d600003c72fab036286b9b15b233518
- SHA512
  
  227f0ced3757b765e8f7e474dd7bcbf8bebd185172e0601649df422dce5e454d0abc4ef0a30c5aa23941d926176fe0c85b186bc4c956acc820f8e29fc95ccbe2
Score

10^/10

agenttesla keylogger persistence spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslakeyloggerpersistencespywarestealertrojan

behavioral2

agentteslakeyloggerpersistencespywarestealertrojan

© 2018-2024

Terms | Privacy