agenttesla | d245b8f7b96be20c39a84e11d19a770b6dc3155ccbe668843bd4682f262bc174 | Triage

Submit
Reports

Overview

overview

Static

static

Payment Copy.exe

windows7_x64

Payment Copy.exe

windows10-2004_x64

Sharing

General

Target

d245b8f7b96be20c39a84e11d19a770b6dc3155ccbe668843bd4682f262bc174
Size

364KB
Sample

220521-mm1n8acaf2
MD5

8b1f0a00024f52d85c298a0f323836cc
SHA1

8f113d26aa23fbc55f4027f7261b359df3f129c3
SHA256

d245b8f7b96be20c39a84e11d19a770b6dc3155ccbe668843bd4682f262bc174
SHA512

c4448f4fb7caea0a36f0634f97bba1bd283412c32517cdba0df17c5630cde09b0d3e78665cd8511db8d32f4990cd520d191025ac9865863795fdccde90f7ee12

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Payment Copy.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Payment Copy.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.chenklins.com
Port:
587
Username:
[email protected]
Password:
WIMo-3%Zv,N.

Targets

- Target
  
  Payment Copy.exe
- Size
  
  510KB
- MD5
  
  f554bb70eb38b2cdf9612469ba094651
- SHA1
  
  b40eb3a92f67f8a2206cf74d4caaa7a7f8b9d64b
- SHA256
  
  464e7363198201699fa0503be713d1776fb07eefc63830cd08494f26ec93ba8b
- SHA512
  
  281aca43b9c52eddfc0dfe2c15d7c852680f33a9c3d8fdf39e56b4ad723e4853ef85270100fa6b25963d254a6c62e836ddde67592f683d425f34f73a530ecee5
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy