agenttesla | 4f6618eacd0e379b7164439c586be7da42931451893158f2b4f697f0166130aa | Triage

Submit
Reports

Overview

overview

Static

static

PI.exe

windows7_x64

PI.exe

windows10_x64

Sharing

General

Target

PI.rar
Size

573KB
Sample

211014-fj4s5sgadj
MD5

4cf1d7d7aef2d7a481dbc39186720e7e
SHA1

5a28903bc81007cd8ded0f9c243f443f6ed45e6a
SHA256

4f6618eacd0e379b7164439c586be7da42931451893158f2b4f697f0166130aa
SHA512

e3bd01731992c3dc9e2c9a0d6dba7602c137e2b693b979dbb17b33dda5568d812d1ea11abbef550537e2e0e3868e9519e38f88d1e8d2fcfe6ba01ad5627aa1e3

Score

10^/10

agenttesla keylogger persistence spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

PI.exe

Resource

win7-en-20210920

agenttesla keylogger persistence spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

PI.exe

Resource

win10v20210408

agenttesla keylogger persistence spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.jeevalabs.com
Port:
587
Username:
account@jeevalabs.com
Password:
jeeva@123

Targets

- Target
  
  PI.exe
- Size
  
  993KB
- MD5
  
  59f7f57b8d6c0e55493eec56977d7cb4
- SHA1
  
  0740bebf070c16fca8aa5c0fada48edcc1bd9f12
- SHA256
  
  c932b6a0cbaa454668d2429d433fec76e7e544bb26b5bd1865a86aac4fa33434
- SHA512
  
  259d52573bb4f97a4d9158d2d2f53b4ea6cee27efbc8e7ffe4962ae705eb36d220e19babee78b3737e3e5bc0ab99decfc6c977aa99faf4c1abc9e445eabb3e62
Score

10^/10

agenttesla keylogger persistence spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslakeyloggerpersistencespywarestealertrojan

behavioral2

agentteslakeyloggerpersistencespywarestealertrojan

© 2018-2024

Terms | Privacy