agenttesla | 287b960d3db25c42d2340efd154346bc7aaa18e8ee4aadcdd0813d46eb6ea565 | Triage

Submit
Reports

Overview

overview

Static

static

SC4305132020.exe

windows7_x64

SC4305132020.exe

windows10-2004_x64

Sharing

General

Target

287b960d3db25c42d2340efd154346bc7aaa18e8ee4aadcdd0813d46eb6ea565
Size

400KB
Sample

220521-bw9gyacfb4
MD5

d863a43a7aaf50dbbd8a611a45447734
SHA1

94a014f105037566755a8e6175649eb429353fb9
SHA256

287b960d3db25c42d2340efd154346bc7aaa18e8ee4aadcdd0813d46eb6ea565
SHA512

f1aa0d0646b743f4899ed560281bc0fde676e42c89398ab72314a257747e6dc6bbdbb479cf71c71442180c29386e3a3f569e21648a39831c6bdbe6d20bb142f4

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

SC4305132020.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SC4305132020.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
us2.smtp.mailhostbox.com
Port:
587
Username:
[email protected]
Password:
e!Wcqa%07pK~

Extracted

Credentials

Protocol: smtp
Host:
us2.smtp.mailhostbox.com
Port:
587
Username:
[email protected]
Password:
e!Wcqa%07pK~

Targets

- Target
  
  SC4305132020.exe
- Size
  
  423KB
- MD5
  
  1476ce63f946c85745c3c03723252ef0
- SHA1
  
  01270d77e8b7bfa61963e84e4e1340eb5946f6f1
- SHA256
  
  57c1873ebd6818c6fb4425f51ca1a2450bf4da0dc4a3269e637dfe1ea13dc42a
- SHA512
  
  395043e6135b8cf82a16fffa8478b1d42e5f5c4efe962f461eab448f26fd1596c22c32738ab95d35142238da88d8cf745448950d786152bf52364ced0b3db673
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy