agenttesla | bb235e99c7447f3782eff5edf2a2ed83e66246743e098f12269def2812f53ea5 | Triage

Submit
Reports

Overview

overview

Static

static

aggah.ps1

windows7_x64

aggah.ps1

windows10_x64

Sharing

General

Target

aggah.ps1
Size

759KB
Sample

211019-vf7g7ahbcm
MD5

3437960e7b594bb64c41beb01415ce4f
SHA1

68c6e4938eb4879e8ee08d808dc6d328d2664ad1
SHA256

bb235e99c7447f3782eff5edf2a2ed83e66246743e098f12269def2812f53ea5
SHA512

1ef17671b3eaf6d4b9c063880f2d7c84b8b82100298127b508e51e54f10839e19f47077a8545b41b7199f3202990522ac198a7b561316ee1a8d527349eae52c8

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

aggah.ps1

Resource

win7-en-20210920

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

aggah.ps1

Resource

win10-en-20211014

agenttesla collection keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

C2

http://103.125.190.248/j/p13n/mawa/b04042b22b2b6179257d.php

Targets

- Target
  
  aggah.ps1
- Size
  
  759KB
- MD5
  
  3437960e7b594bb64c41beb01415ce4f
- SHA1
  
  68c6e4938eb4879e8ee08d808dc6d328d2664ad1
- SHA256
  
  bb235e99c7447f3782eff5edf2a2ed83e66246743e098f12269def2812f53ea5
- SHA512
  
  1ef17671b3eaf6d4b9c063880f2d7c84b8b82100298127b508e51e54f10839e19f47077a8545b41b7199f3202990522ac198a7b561316ee1a8d527349eae52c8
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Drops file in Drivers directory
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy