agenttesla | 98af6be3b08e9d1b2e912c1143b8273324a8cfaa89f72763e527d76f2729af04 | Triage

Submit
Reports

Overview

overview

Static

static

FedEx_Parcel.exe

windows7_x64

FedEx_Parcel.exe

windows10-2004_x64

Sharing

General

Target

98af6be3b08e9d1b2e912c1143b8273324a8cfaa89f72763e527d76f2729af04
Size

510KB
Sample

220521-cyh87seff8
MD5

ea4257965c455555fd46aa787dc429b1
SHA1

fa0b38b51eec367c5b43a189f7eb9101e306484f
SHA256

98af6be3b08e9d1b2e912c1143b8273324a8cfaa89f72763e527d76f2729af04
SHA512

97cd5e81928494c096a1c2dfa2e7ec3b4711c9cf439c937a5d27e381d0ba52fe6ab61ca0565d47a37fd36b330128fc5c1e02620d5f00944f80cd131c84893b30

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

FedEx_Parcel.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

FedEx_Parcel.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.privateemail.com
Port:
587
Username:
[email protected]
Password:
111aaa

Extracted

Credentials

Protocol: smtp
Host:
mail.privateemail.com
Port:
587
Username:
[email protected]
Password:
111aaa

Targets

- Target
  
  FedEx_Parcel.exe
- Size
  
  449KB
- MD5
  
  3044886193d9035599e973740d4e6377
- SHA1
  
  0f3bec61d7db1c38cc65aaa26aeb1c65a161282c
- SHA256
  
  7fdde0d904ccb6ddad0e318c409cce3385c32aebc290607361b879d617322ade
- SHA512
  
  21feca320ffc4e2dc6beb0f2ed6200c4f83359a9da1ecd1a8523bf75e077c50b6708ac7f9e201436663af3e95bb297a0239e96185467560110f99941bfa1dbc1
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy