agenttesla | d1e7e6f643a524cf88ca21a88dd0e303b8e330334ac12ca4e61cf859bf039175 | Triage

Submit
Reports

Overview

overview

Static

static

5

RFQ-ORDER ...26.exe

windows7_x64

RFQ-ORDER ...26.exe

windows10-2004_x64

Sharing

General

Target

d1e7e6f643a524cf88ca21a88dd0e303b8e330334ac12ca4e61cf859bf039175
Size

1.0MB
Sample

220521-mm42msfbgm
MD5

8d08b615b74d61c54fb6e6b82004d8f8
SHA1

6c51c9b67296c823282af009b348f30cb30d4bed
SHA256

d1e7e6f643a524cf88ca21a88dd0e303b8e330334ac12ca4e61cf859bf039175
SHA512

9757be6ff907949035cf7519f2ac6e3483cc414f43363ed6134d8a0669f99ddd05e396b7d4dec5bd8ad8965dc97763f69c6958505dc90a8c6b223349a94b77b0

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

RFQ-ORDER NO. 8326.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

RFQ-ORDER NO. 8326.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.pharco--corp.com
Port:
587
Username:
[email protected]
Password:
(UxyAlp7

Targets

- Target
  
  RFQ-ORDER NO. 8326.exe
- Size
  
  1.4MB
- MD5
  
  767658d77b605751797d9910d21c45ea
- SHA1
  
  0855e88973a5d2a2ec52f1dcca3f6fd93b6ce439
- SHA256
  
  5e78ea677a053e6a02b66b50efdabde81043d3559fce740496c7beb1983200a6
- SHA512
  
  e5f4ab0c51fae4d78216ae1237baf5d9b2abed9d5aa3790113c2f6d3a688e821be69f18678bac5cf0c39c6cd8af036fa459fcddc78a0f4d33a4dc9238f1e161b
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy