agenttesla | 6ea6477df4f68912348e3f62b2b10e1f7e4375b31e309dc65953d7ba97aa2b93 | Triage

Submit
Reports

Overview

overview

Static

static

5

Halkbank_E...df.exe

windows7_x64

Halkbank_E...df.exe

windows10-2004_x64

Sharing

General

Target

6ea6477df4f68912348e3f62b2b10e1f7e4375b31e309dc65953d7ba97aa2b93
Size

1016KB
Sample

220521-m8fk6sgdan
MD5

0b221c844681aaa126d371cec2a417a1
SHA1

1ffbf53315d8d3b037469f79bedbb17dac213b43
SHA256

6ea6477df4f68912348e3f62b2b10e1f7e4375b31e309dc65953d7ba97aa2b93
SHA512

56533619a63a59ff97286a591c31167e56ca11000dff60bdf1d5115e0e2cc9cf8451011a9ccf9fa0bb0c47502666f506980344cb61283a94cd8ec18600886288

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Halkbank_Ekstre_20191415_081738_949589.pdf.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Halkbank_Ekstre_20191415_081738_949589.pdf.exe

Resource

win10v2004-20220414-en

agenttesla keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.coastalinternational.in
Port:
587
Username:
psvr@coastalinternational.in
Password:
r7i7t7h7u

Targets

- Target
  
  Halkbank_Ekstre_20191415_081738_949589.pdf.exe
- Size
  
  1.4MB
- MD5
  
  a398ef5ea99ae41cd4fa4532afb9cf44
- SHA1
  
  062aa42cc391ce1874e7975d928c97ac3364648b
- SHA256
  
  3ea259504667c2d255d44b50a4fe2d7906b819ee0d4ddf77b954ffbb57ec4277
- SHA512
  
  42b33d2dd93a427fd17517035dc68147ddafa0945a9ff1219a9086810dcc53f59d8cc2d7c4b07fb1f9c937f61520a837993e5b9f1f9a2ff3c78de67f70a90ab5
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy