agenttesla | a2f932924ad1fed3019fc434a560d1bbf9e9e85215decbdfa3a19397fd7d2de6 | Triage

Submit
Reports

Overview

overview

Static

static

DHL DLIVER...EL.exe

windows7_x64

DHL DLIVER...EL.exe

windows10_x64

Sharing

General

Target

DHL DLIVERY PERCEL.exe
Size

797KB
Sample

211025-gyrykaffe9
MD5

5e8244fb1be90200656767e9c1a93144
SHA1

211743f1587cb8322d3f5c0b45a868a11b1ba566
SHA256

a2f932924ad1fed3019fc434a560d1bbf9e9e85215decbdfa3a19397fd7d2de6
SHA512

541847a86c2365b8dd044431a27a351b151330677fb08a30dc1b42a0f856681d47a59788fd2d7a6cf5202117769ef14d3cf14639c5e6e585adef2fade2f995e8

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

DHL DLIVERY PERCEL.exe

Resource

win7-en-20211014

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

DHL DLIVERY PERCEL.exe

Resource

win10-en-20210920

agenttesla keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.yandex.com
Port:
587
Username:
[email protected]
Password:
washingtondc300

Targets

- Target
  
  DHL DLIVERY PERCEL.exe
- Size
  
  797KB
- MD5
  
  5e8244fb1be90200656767e9c1a93144
- SHA1
  
  211743f1587cb8322d3f5c0b45a868a11b1ba566
- SHA256
  
  a2f932924ad1fed3019fc434a560d1bbf9e9e85215decbdfa3a19397fd7d2de6
- SHA512
  
  541847a86c2365b8dd044431a27a351b151330677fb08a30dc1b42a0f856681d47a59788fd2d7a6cf5202117769ef14d3cf14639c5e6e585adef2fade2f995e8
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy