agenttesla | d020d94a282a227a1d43ad0a314dad79e9ae0dad754a23e8dfdcd70f7badfc8f | Triage

Submit
Reports

Overview

overview

Static

static

NEW ORDER.exe

windows7_x64

NEW ORDER.exe

windows10-2004_x64

Sharing

General

Target

d020d94a282a227a1d43ad0a314dad79e9ae0dad754a23e8dfdcd70f7badfc8f
Size

489KB
Sample

220520-3sgfjaccgk
MD5

1fcadfdae0a2e5cdfad61bdc3dc4adaf
SHA1

d6bccb8f95dc884047447cd0eaaf5d55e1f84c46
SHA256

d020d94a282a227a1d43ad0a314dad79e9ae0dad754a23e8dfdcd70f7badfc8f
SHA512

d932bc38638ca984f8a2536e5acac2229f9d501411c35be0851dac80ec4f3398b659d4201bf717522c400bb9445a3737245ad35b5901bb1dad6dc8ecff8b0a47

Score

10^/10

agenttesla collection keylogger persistence spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

NEW ORDER.exe

Resource

win7-20220414-en

agenttesla collection keylogger persistence spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

NEW ORDER.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger persistence spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.deepakengineers.co.in
Port:
587
Username:
[email protected]
Password:
rubina@@123*

Targets

- Target
  
  NEW ORDER.exe
- Size
  
  744KB
- MD5
  
  90e57ec2ce41a356068ce22d4849b5b0
- SHA1
  
  8b4ed2dc6506d578a037c2cb50a3562794f6fa19
- SHA256
  
  2ef6391d206ccd92009a213f15947d713e25340ec9ad6d402e5c47beb49558c3
- SHA512
  
  a5e72c2c88e65cb83140d80924ef59fefe199480232231b10f0f292d92a914b8fa2d2084b5dff09dc310415788488ece45bb045ba6c117bcf3d50d0f7d925a32
Score

10^/10

agenttesla collection keylogger persistence spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerpersistencespywarestealertrojan

behavioral2

agentteslacollectionkeyloggerpersistencespywarestealertrojan

© 2018-2024

Terms | Privacy