agenttesla | 904b4d3ef25a59a896522183f38be8cb155350dc1823cf7784b48e9fe93983c1 | Triage

Submit
Reports

Overview

overview

Static

static

Details as...ail.js

windows7_x64

Details as...ail.js

windows10_x64

Sharing

General

Target

Details as attached in this mail.js
Size

628KB
Sample

211202-tynbladed6
MD5

e570e22ed2b2a600241ee070d0c4873d
SHA1

2cea5772982d6695cde4b1c2c8727034ec7d67b3
SHA256

904b4d3ef25a59a896522183f38be8cb155350dc1823cf7784b48e9fe93983c1
SHA512

357a23f2cff7632deb6eb05e2595795e914b56e8526896b9f6bf6736a95ba6b8804c7ee2941fd0a1f056a9ff5b5f219d598efffa4799dea13fb763866f631a89

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Details as attached in this mail.js

Resource

win7-en-20211104

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Details as attached in this mail.js

Resource

win10-en-20211014

agenttesla collection keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://files.000webhost.com/
Port:
21
Username:
zinco
Password:
computer147

Targets

- Target
  
  Details as attached in this mail.js
- Size
  
  628KB
- MD5
  
  e570e22ed2b2a600241ee070d0c4873d
- SHA1
  
  2cea5772982d6695cde4b1c2c8727034ec7d67b3
- SHA256
  
  904b4d3ef25a59a896522183f38be8cb155350dc1823cf7784b48e9fe93983c1
- SHA512
  
  357a23f2cff7632deb6eb05e2595795e914b56e8526896b9f6bf6736a95ba6b8804c7ee2941fd0a1f056a9ff5b5f219d598efffa4799dea13fb763866f631a89
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Executes dropped EXE
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy