agenttesla | 600c5ea970522a73a32d2dd2bfd6d8922bc7d5f6e2c023ae1d0b53bf0007d3ac | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

600c5ea970522a73a32d2dd2bfd6d8922bc7d5f6e2c023ae1d0b53bf0007d3ac
Size

787KB
Sample

211201-jgja7sdgd3
MD5

2c47420a6c4006d0de0e072ac20a0601
SHA1

8c9c5bbfde081c3c2816e27c8fbb764da3c5c861
SHA256

600c5ea970522a73a32d2dd2bfd6d8922bc7d5f6e2c023ae1d0b53bf0007d3ac
SHA512

44d9bc87606419675acaaaf5b12b5e920a2bf25359f577a84cc0e96ef7056ddfb4abd46eea33277f4015e37ac15d3418f6e135cd56b96d5425da2a40b9a629ee

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

600c5ea970522a73a32d2dd2bfd6d8922bc7d5f6e2c023ae1d0b53bf0007d3ac.exe

Resource

win10-en-20211014

agenttesla collection keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot1923270472:AAFHljVp-f8Q5-X0iy70Vfe0aTch5THPa-U/sendDocument

Targets

- Target
  
  600c5ea970522a73a32d2dd2bfd6d8922bc7d5f6e2c023ae1d0b53bf0007d3ac
- Size
  
  787KB
- MD5
  
  2c47420a6c4006d0de0e072ac20a0601
- SHA1
  
  8c9c5bbfde081c3c2816e27c8fbb764da3c5c861
- SHA256
  
  600c5ea970522a73a32d2dd2bfd6d8922bc7d5f6e2c023ae1d0b53bf0007d3ac
- SHA512
  
  44d9bc87606419675acaaaf5b12b5e920a2bf25359f577a84cc0e96ef7056ddfb4abd46eea33277f4015e37ac15d3418f6e135cd56b96d5425da2a40b9a629ee
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy