agenttesla | 3ff843810cdddb3d63f8c88302b5b37293a28b5bdd5d71193851c312d2abcd28 | Triage

Submit
Reports

Overview

overview

Static

static

SWIFT_987867T8E.exe

windows7_x64

SWIFT_987867T8E.exe

windows10_x64

Sharing

General

Target

SWIFT_987867T8E.exe
Size

1.1MB
Sample

210727-2rzybyf34j
MD5

e7e6dd904cf4e8914173e3c1144d457f
SHA1

da2e7749856bb874dab798c6e73d643f2751250a
SHA256

3ff843810cdddb3d63f8c88302b5b37293a28b5bdd5d71193851c312d2abcd28
SHA512

8e9d6f764037476f9244b08fbff9389b66ff5bf4a0104241414041421f56c164a2704ba7bc4b8b515305527df76103ac5ab61540cdf8e804fe92243bdc0d2f42

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

SWIFT_987867T8E.exe

Resource

win7v20210410

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SWIFT_987867T8E.exe

Resource

win10v20210408

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.vivaldi.net
Port:
587
Username:
rexsativa@vivaldi.net
Password:
panosoktenio@gmail.com

Targets

- Target
  
  SWIFT_987867T8E.exe
- Size
  
  1.1MB
- MD5
  
  e7e6dd904cf4e8914173e3c1144d457f
- SHA1
  
  da2e7749856bb874dab798c6e73d643f2751250a
- SHA256
  
  3ff843810cdddb3d63f8c88302b5b37293a28b5bdd5d71193851c312d2abcd28
- SHA512
  
  8e9d6f764037476f9244b08fbff9389b66ff5bf4a0104241414041421f56c164a2704ba7bc4b8b515305527df76103ac5ab61540cdf8e804fe92243bdc0d2f42
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy