agenttesla | c87f68973afe4593112f45c032b7def728572d3644732796da400183f55e497e | Triage

Submit
Reports

Overview

overview

Static

static

Payment Copy.exe

windows7_x64

Payment Copy.exe

windows10-2004_x64

Sharing

General

Target

c87f68973afe4593112f45c032b7def728572d3644732796da400183f55e497e
Size

400KB
Sample

220520-2v83wsgah9
MD5

4b37efafd32bb4d886be24c1c389ec47
SHA1

79c9e6967882d3e654b9228e35c0599c736a111c
SHA256

c87f68973afe4593112f45c032b7def728572d3644732796da400183f55e497e
SHA512

ac14cb947cdeee7e2b747e43d0a2f6f8ee69d842da18cb12dca9f3a4f28a56dfffd7cc6f192e26ead2b8ded951e171dc9236162c132dbe9fd306c170c216e737

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Payment Copy.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Payment Copy.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.yandex.com
Port:
587
Username:
[email protected]
Password:
faith12AB

Extracted

Credentials

Protocol: smtp
Host:
smtp.yandex.com
Port:
587
Username:
[email protected]
Password:
faith12AB

Targets

- Target
  
  Payment Copy.exe
- Size
  
  452KB
- MD5
  
  438fa68e16990f2a1a6eaa95b8c2629d
- SHA1
  
  d7b484ee901dfc35faa09329ca23a4d8b21e08da
- SHA256
  
  de220e5a7e02157176ce70c66c7221fb3ebc71acb23acb252261375a2f918425
- SHA512
  
  e8ff0ee08732d8bf3af64a00bff23ea659bfeb5ca7843120576b1455c4671e1c21543e463197c7abd5a007fdce367376019ba047202c15821a5d0b2299958fbd
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy