agenttesla | 2207b165b5917ab5da3c423a0bd875e06dc5509ed52ad5405304280866979538 | Triage

Submit
Reports

Overview

overview

Static

static

nova narud?ba.exe

windows7_x64

nova narud?ba.exe

windows10-2004_x64

Sharing

General

Target

2207b165b5917ab5da3c423a0bd875e06dc5509ed52ad5405304280866979538
Size

303KB
Sample

220520-2mcpqafeh7
MD5

29b72d84ec0ee7b68e2438073cbfb815
SHA1

882f55510080c6737a4e739b4f288a8597e92e8d
SHA256

2207b165b5917ab5da3c423a0bd875e06dc5509ed52ad5405304280866979538
SHA512

43bacca8c6c9d41bda602618672997625c8402d8a8e6cc0f0f279f8dad61f00cc65430f8b103882fa6ec08272bcff1d7e9bb707f07b44ad7985eb0ee13d0de82

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

nova narud?ba.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

nova narud?ba.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.yandex.com
Port:
587
Username:
[email protected]
Password:
chosen@@@123

Targets

- Target
  
  nova narud?ba.exe
- Size
  
  321KB
- MD5
  
  a35772d14e29eff85dcd2d5fc74ab08c
- SHA1
  
  b1b5f8f29619273be7e5ea1fc360bd5634f8fb13
- SHA256
  
  6ce07f9854b3d9f983265569f34a640a9f274c1bfd30fcba4b6bb64c957ecc54
- SHA512
  
  24a531f25744ce69269fec48b13337c3711f65d16b989369780cfe609a25cbce86c6a9d8df5b678c0688ad62a7d6ca2dc61c66865f2c44dce85a89da5d2db46e
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy