agenttesla | 68ebe4d107eff8796332f172ae68bf57c4982722f43e28812cb2b6b43e067d46 | Triage

Submit
Reports

Overview

overview

Static

static

NEW ORDER ...20.exe

windows7_x64

NEW ORDER ...20.exe

windows10-2004_x64

Sharing

General

Target

68ebe4d107eff8796332f172ae68bf57c4982722f43e28812cb2b6b43e067d46
Size

365KB
Sample

220521-apcc7aaeg6
MD5

d1883c6e2b6f84515ab22949132b93a0
SHA1

293b9a7a58679d3d20d74cddc60fdfc4cbcf54e1
SHA256

68ebe4d107eff8796332f172ae68bf57c4982722f43e28812cb2b6b43e067d46
SHA512

2857f7db81d45af725bb6b61d7ade5946e89820ada56609bb086d21b6bfc2fe5cd9d35da06282c80d82a6477124f867e46ab1fab8de47ecce250d0a927442930

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

NEW ORDER Pl 05.08.20.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

NEW ORDER Pl 05.08.20.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.yandex.com
Port:
587
Username:
[email protected]
Password:
faith12AB

Targets

- Target
  
  NEW ORDER Pl 05.08.20.exe
- Size
  
  405KB
- MD5
  
  e6b13801043a70e1283408b45e6dc618
- SHA1
  
  82ca5d3abdb96b87ffdb09ee9fe4a7a26a0b6fd5
- SHA256
  
  6dcfdbf37b4eda93ae3466ba898d3c33170c8f10886fbf548fb82a40145caa87
- SHA512
  
  e5f9baf9c416d6074e121302dee5dcfbf136d1dbdf05de781d2c85cc0e581523eebd35093f2bf7fe0772a34e366d68cdc243c7a6777cc01312aea223d5e97c30
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy