agenttesla | eb798718b5e3181839d7d4dfaa3387aaae37a2784218066e315804375ed22110 | Triage

Submit
Reports

Overview

overview

Static

static

Request fo...5).exe

windows7_x64

Request fo...5).exe

windows10-2004_x64

Sharing

General

Target

eb798718b5e3181839d7d4dfaa3387aaae37a2784218066e315804375ed22110
Size

562KB
Sample

220520-16kzrshhbp
MD5

b5a35a65c501fc40174a080e4de8542d
SHA1

a82377d70beca0c0022c76374ebced1f4fe943f1
SHA256

eb798718b5e3181839d7d4dfaa3387aaae37a2784218066e315804375ed22110
SHA512

bafc828f46ee16dfa097c533466dda807f6d5d464ddee8e1c025159ab59c37695abfb338ea3c338918b9063deaafb84219160e6a1f906ddd87d4974c2ea8689a

Score

10^/10

agenttesla keylogger persistence spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Request for Quotation### rev 1 (27205).exe

Resource

win7-20220414-en

agenttesla keylogger persistence spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Request for Quotation### rev 1 (27205).exe

Resource

win10v2004-20220414-en

agenttesla keylogger persistence spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.totallyanonymous.com
Port:
587
Username:
[email protected]
Password:
R$i;Kx25esuR

Targets

- Target
  
  Request for Quotation### rev 1 (27205).exe
- Size
  
  651KB
- MD5
  
  e51a7f1f3f3d4209821149386e7c285a
- SHA1
  
  e1e54d126a4d5e809a53c0d182b2268d1cb5ef9a
- SHA256
  
  64b14942869c60d07cad750a8e51c0386cde6cfc65d574480d27ab41caa32baa
- SHA512
  
  aad60e4affe0422daa1a32a2ed9e090e23b984f4f3385fc407e80c6dd5c24e2d5babdd7ddbd74b970a13bc7b099bf09171926d3a3a95ace458cf9d26890389e2
Score

10^/10

agenttesla keylogger persistence spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerpersistencespywarestealertrojan

behavioral2

agentteslakeyloggerpersistencespywarestealertrojan

© 2018-2024

Terms | Privacy