agenttesla | 0d08d12c9a7238d1077353c6c2f5b8748ca4d1b8711df2c0552f8dfe25562215 | Triage

Submit
Reports

Overview

overview

Static

static

Purchase Order.exe

windows7_x64

Purchase Order.exe

windows10-2004_x64

Sharing

General

Target

0d08d12c9a7238d1077353c6c2f5b8748ca4d1b8711df2c0552f8dfe25562215
Size

387KB
Sample

220520-2n7aqaffg9
MD5

7b4c90a1f577575c50a0b1cd243aebed
SHA1

2e711e4d3772751ce69c808836ed498bc86f9400
SHA256

0d08d12c9a7238d1077353c6c2f5b8748ca4d1b8711df2c0552f8dfe25562215
SHA512

8377f2fd9f9787cc0dbc59b3ad1088a1bef99edcc79c3a51de1564e523a6ac54a8d6d9f01d11dd95c65f88fd8197bec7d0c9fefe10ad75809dc6987cbbb7bb03

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Purchase Order.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Purchase Order.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.capitalone-bank.org
Port:
587
Username:
[email protected]
Password:
u)aHYn*7

Targets

- Target
  
  Purchase Order.exe
- Size
  
  475KB
- MD5
  
  3daaba84ce640bfda2f7721ac24e8e32
- SHA1
  
  3d8ed4d6f598b796cef240e2696b7af988e06679
- SHA256
  
  04066d2aaa261814ebb764b76ec4977184b985cd0c56917145068aa37de50965
- SHA512
  
  71f69902f43be4e1c5fe0677f0c6021de6708bb0c76a43a78063fac2b0e0864e522ed1a0d0e3b944d5566409f4d6dd2332c62e4f803fd0f81f064d083fdfc1e1
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy