agenttesla | dfea145bc145484b9b74a0142de5db52e270065e7bc0b4304c4704d36bc3967d | Triage

Submit
Reports

Overview

overview

Static

static

AWB-28_08_...20.exe

windows7_x64

AWB-28_08_...20.exe

windows10-2004_x64

Sharing

General

Target

dfea145bc145484b9b74a0142de5db52e270065e7bc0b4304c4704d36bc3967d
Size

567KB
Sample

220520-17l88ahhgk
MD5

9336d9000925ffa94f3f45ef30f9e656
SHA1

f235d0a1d1985d41279a096d52aa1a3f1cdd4e6f
SHA256

dfea145bc145484b9b74a0142de5db52e270065e7bc0b4304c4704d36bc3967d
SHA512

e4d48877fb99e267a5abe77c5cc2fa3a890227ce0d1575f19f31a3c064f465910c766b4c8b4b7ac9b601b9611acbffa713ce2b4325a85560a2e7b42840be1695

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

AWB-28_08_2020_INV_28_08_2020.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

AWB-28_08_2020_INV_28_08_2020.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.knmbz.com
Port:
587
Username:
[email protected]
Password:
kJubHQs8

Targets

- Target
  
  AWB-28_08_2020_INV_28_08_2020.exe
- Size
  
  601KB
- MD5
  
  b4ea3f1a395a6d45b4dd14dfa79a4a4f
- SHA1
  
  80606964727704b0dc6ce6cf461c5cccd59a0e05
- SHA256
  
  cd30f85c751611f8df1742f5ab1c5c5862ff91aa4e84065332522263485efd99
- SHA512
  
  31d5d5b54e8e7c69eb9aff3db664b97b5760974cdf464b725783caa9ea97f1efa5936821064e8522a535697d6571fd6737e72ef7544058b3a11fdafcdc89c2ed
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy