agenttesla | 9cd6d23182be8c80adb829e2166460ae654c1fb32a23ad25d56f1aa33bffc728 | Triage

Submit
Reports

Overview

overview

Static

static

4b575e669f...8b.exe

windows7_x64

4b575e669f...8b.exe

windows10_x64

Sharing

General

Target

4b575e669f390ab39c082e6d8133708b
Size

1.2MB
Sample

211207-p4mj2acbc6
MD5

4b575e669f390ab39c082e6d8133708b
SHA1

761d75179627f35dbda43fdb6e2d83a3fbd8ec97
SHA256

9cd6d23182be8c80adb829e2166460ae654c1fb32a23ad25d56f1aa33bffc728
SHA512

00517d8cbd98072d09de893bec9329feeeee29f465ab74272a63232056a5e48cbba969b76d943ccb7617e5aba3bfeea631a012bd8296f0d3a191d86cafe6039e

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

4b575e669f390ab39c082e6d8133708b.exe

Resource

win7-en-20211014

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

4b575e669f390ab39c082e6d8133708b.exe

Resource

win10-en-20211104

agenttesla collection keylogger spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

C2

https://api.telegram.org/bot5001070930:AAGS6zcnpfl-Q3wAAaVHDGdca4bVokv7sYg/sendDocument

Targets

- Target
  
  4b575e669f390ab39c082e6d8133708b
- Size
  
  1.2MB
- MD5
  
  4b575e669f390ab39c082e6d8133708b
- SHA1
  
  761d75179627f35dbda43fdb6e2d83a3fbd8ec97
- SHA256
  
  9cd6d23182be8c80adb829e2166460ae654c1fb32a23ad25d56f1aa33bffc728
- SHA512
  
  00517d8cbd98072d09de893bec9329feeeee29f465ab74272a63232056a5e48cbba969b76d943ccb7617e5aba3bfeea631a012bd8296f0d3a191d86cafe6039e
Score

10^/10

agenttesla keylogger spyware stealer trojan collection
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy