agenttesla

General

Target

ddfc12e7ddadb59e36eb29c5326e58ba8cc486e61acb83d9ecac404fa61c7739
Size

478KB
Sample

220520-3n9xaacbel
MD5

7dbeb863faec34130464e34805f54777
SHA1

ea43c7fd0b6bef1634f1792d525c50ba1e12837a
SHA256

ddfc12e7ddadb59e36eb29c5326e58ba8cc486e61acb83d9ecac404fa61c7739
SHA512

bfe44ba941ca88622087388ef30b1cb082c667fbc646443181ee87a360acf584e44cf14966839523099f8b9a07cf425047cc13c36606a21b586ecf16463eac85

Score

10^/10

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.yandex.com
Port:
587
Username:
[email protected]
Password:
challenge12345@

Extracted

Credentials

Protocol: smtp
Host:
smtp.yandex.com
Port:
587
Username:
[email protected]
Password:
challenge12345@

Targets

- Target
  
  Scope Of Work.exe
- Size
  
  503KB
- MD5
  
  d8e9997b8872315a2982bc9418f14630
- SHA1
  
  4739fa281a70c2989c7b03f72c928780cef6a25f
- SHA256
  
  d506b23a03a75b6f7c9a10613a6b62da0acaae363ca72523e8e1cdecb2b7f2b0
- SHA512
  
  5b58f8e7439bd92a2fa3ed0384754dc094a03f51f66f4cfb2e1e7b5c63188342c7eaf194a2f7763a3f2bcf68174af71404874ddac24e0a27dd0264b1b9279805
Score

10^/10

agenttesla collection keylogger persistence spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1

T1114

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

AgentTesla Payload

Accesses Microsoft Outlook profiles

Adds Run key to start application

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2