agenttesla | 331ea80d27c5da40c1477567abd7124c2e65d0ff805154bedbd21111a3d92eac | Triage

Submit
Reports

Overview

overview

Static

static

5

New Order #000110.exe

windows7_x64

New Order #000110.exe

windows10-2004_x64

Sharing

General

Target

331ea80d27c5da40c1477567abd7124c2e65d0ff805154bedbd21111a3d92eac
Size

1.0MB
Sample

220521-mne4xafbhn
MD5

8b1c47679d64f9ef799581d4d31273d4
SHA1

a94638e573244de63df8dc361135b025f3874825
SHA256

331ea80d27c5da40c1477567abd7124c2e65d0ff805154bedbd21111a3d92eac
SHA512

561d05cc8b5d3873e739942c55bf03c0d03ccb97ed08ccd452fd5efd2501f0207e2d955ba773b709243045bc15b184d116b9967b6d2c61e8c56d01e5e1c6b521

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

New Order #000110.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

New Order #000110.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.elkat.com.my
Port:
587
Username:
sales@elkat.com.my
Password:
$9921%sales

Targets

- Target
  
  New Order #000110.exe
- Size
  
  1.5MB
- MD5
  
  718bde8c24b428a31040e663ce4bf09a
- SHA1
  
  fdbf530adac7c52bbcc1d9e27776edd029279368
- SHA256
  
  005f9471feeb0047d099b569c4c73b448218a8b2e24b4bffcc1e91b324adc61e
- SHA512
  
  2aae32779dc2dfff49fb21867b255fdc6dbdfb5176bca4326c4ecaa1da7baa3c1c1fc5c860bd5ba0c6948628361a82fd7cf19fb5881fdb8100746a2f2c41c095
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy