agenttesla | c458e9e5a1e5da79825a44921e3d86d8f0b3688eff84869c18786b3fe61a16f2 | Triage

Submit
Reports

Overview

overview

Static

static

NEW ORDER ...20.exe

windows7_x64

NEW ORDER ...20.exe

windows10-2004_x64

Sharing

General

Target

c458e9e5a1e5da79825a44921e3d86d8f0b3688eff84869c18786b3fe61a16f2
Size

369KB
Sample

220520-3brvyagfa2
MD5

49c45b25103240636a1fd411e3356342
SHA1

305deb2471f6807ef82738d73ce8f330a1af5483
SHA256

c458e9e5a1e5da79825a44921e3d86d8f0b3688eff84869c18786b3fe61a16f2
SHA512

a13ace7e4e55550584374327a20e8cf3e5ac07e6ca73ba02519d7ad95beef15692b29aa04f609d163d94dad3b2d5cb3619ed4108c764b46e9b8a6346dbb4efe4

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

NEW ORDER Pl 05.08.20.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

NEW ORDER Pl 05.08.20.exe

Resource

win10v2004-20220414-en

agenttesla keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.yandex.com
Port:
587
Username:
[email protected]
Password:
faith12AB

Targets

- Target
  
  NEW ORDER Pl 05.08.20.exe
- Size
  
  435KB
- MD5
  
  958d68454f83e8b9a187d3622ef1c326
- SHA1
  
  7fad85133882781e41f78ae2aaf2a47aaf812f74
- SHA256
  
  77bbe59685fd4ba30b0f14c6471ba479adbe790de6499c7ea2370b2055fcc9c3
- SHA512
  
  d24af9a0870703abd9ac6974d5fd716b38e941237ba036cbe0e0c65e6b341161c8f6c413fc4977f2bedd68a42cdc15b4ef11e0c9a06097d374f1bec7a6e1235c
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy