agenttesla | 9f90e8fd57a6d5aba3a7a001972de67ef6065f8d92aa0df0a8ad37be7d5e18cd | Triage

Submit
Reports

Overview

overview

Static

static

Signed Inv...nt.exe

windows7_x64

Signed Inv...nt.exe

windows10-2004_x64

Sharing

General

Target

9f90e8fd57a6d5aba3a7a001972de67ef6065f8d92aa0df0a8ad37be7d5e18cd
Size

411KB
Sample

220521-abvbvahhh7
MD5

2d84b48add3b7b5799867a1b76076128
SHA1

fc12899375422bbbdf056f14c0e20186ce16923b
SHA256

9f90e8fd57a6d5aba3a7a001972de67ef6065f8d92aa0df0a8ad37be7d5e18cd
SHA512

9886bf27eb739af3eea8d0f22dd99591e5a944d1987e26af6697ea994a405aa7807b481dc510aa7862f8cb878aed0cceface99d28b0302f13d75f691376fcbc5

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Signed Invoice, Shipment and Payment.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Signed Invoice, Shipment and Payment.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.yandex.com
Port:
587
Username:
[email protected]
Password:
HighKEY@#@@#

Targets

- Target
  
  Signed Invoice, Shipment and Payment.exe
- Size
  
  453KB
- MD5
  
  c7a425e4de5f5e6bf65547a72db0f972
- SHA1
  
  8899da2c5576fc11920dfede5330dc868e1b6b65
- SHA256
  
  c79e56ff3aa04021d7c99b5d638034780cafce941ff6039fb3bae407c1257e54
- SHA512
  
  95f0202a7c9a74bfb365c28acd710b9171b69beccdcd45bc387123e98b8dfab9f398ab39b8ba2fb9e3a5a1634b37949daf5b5eaad83560c502506b6862510da3
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy