agenttesla | bf5d80e41502cbe3e4c6af87106406521d7dff65160a069bdc84f24a086f5381 | Triage

Submit
Reports

Overview

overview

Static

static

Quote requ...12.exe

windows7_x64

Quote requ...12.exe

windows10_x64

Sharing

General

Target

Quote request -DA 31312.exe
Size

984KB
Sample

210504-trz6sb9jsx
MD5

b2b3633436e5fd34c73e9cfd9c4160a4
SHA1

fa2c80fe7adf8d76ba283686f0d2691cc2c59037
SHA256

bf5d80e41502cbe3e4c6af87106406521d7dff65160a069bdc84f24a086f5381
SHA512

a5122becfc76ec88b10aec0b6f691e5430e96abac55478005d12255a9e3280d25a12b7759910536b4221f461b1c78c30612cf32d1dfc3de55194093d6086b54b

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Quote request -DA 31312.exe

Resource

win7v20210408

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Quote request -DA 31312.exe

Resource

win10v20210408

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.skintechpharmgroup.com
Port:
587
Username:
chioma.billy@skintechpharmgroup.com
Password:
HUSTLE2021

Targets

- Target
  
  Quote request -DA 31312.exe
- Size
  
  984KB
- MD5
  
  b2b3633436e5fd34c73e9cfd9c4160a4
- SHA1
  
  fa2c80fe7adf8d76ba283686f0d2691cc2c59037
- SHA256
  
  bf5d80e41502cbe3e4c6af87106406521d7dff65160a069bdc84f24a086f5381
- SHA512
  
  a5122becfc76ec88b10aec0b6f691e5430e96abac55478005d12255a9e3280d25a12b7759910536b4221f461b1c78c30612cf32d1dfc3de55194093d6086b54b
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy