agenttesla | 9c52e5abbdec26b1c8066aee59d805df3fe8150e570ca06ac3a844729bf8f302 | Triage

Submit
Reports

Overview

overview

Static

static

invoice AL21-450.exe

windows7_x64

invoice AL21-450.exe

windows10_x64

Sharing

General

Target

invoice AL21-450.rar
Size

573KB
Sample

211014-ff8mxsgbb6
MD5

d8c5a19e4c5acad38accd2b3b9326a05
SHA1

d0a5c8853cf24150f863ba3c8eb2fdd24bdbf6e7
SHA256

9c52e5abbdec26b1c8066aee59d805df3fe8150e570ca06ac3a844729bf8f302
SHA512

5099060233aff5df0195b30ef2c9c822137b8cb2944cc9defc7a528d9739b4aa4b79b1ef1d94c1cb350524bea5b7859453f7cd398ab91992064c22c5675820fe

Score

10^/10

agenttesla keylogger persistence spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

invoice AL21-450.exe

Resource

win7-en-20210920

agenttesla keylogger persistence spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

invoice AL21-450.exe

Resource

win10v20210408

agenttesla keylogger persistence spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.jeevalabs.com
Port:
587
Username:
account@jeevalabs.com
Password:
jeeva@123

Targets

- Target
  
  invoice AL21-450.exe
- Size
  
  993KB
- MD5
  
  59f7f57b8d6c0e55493eec56977d7cb4
- SHA1
  
  0740bebf070c16fca8aa5c0fada48edcc1bd9f12
- SHA256
  
  c932b6a0cbaa454668d2429d433fec76e7e544bb26b5bd1865a86aac4fa33434
- SHA512
  
  259d52573bb4f97a4d9158d2d2f53b4ea6cee27efbc8e7ffe4962ae705eb36d220e19babee78b3737e3e5bc0ab99decfc6c977aa99faf4c1abc9e445eabb3e62
Score

10^/10

agenttesla keylogger persistence spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslakeyloggerpersistencespywarestealertrojan

behavioral2

agentteslakeyloggerpersistencespywarestealertrojan

© 2018-2024

Terms | Privacy