agenttesla | 6ef674a53af20825d4f58038e4d73b15a0bfda03a38f72c28d01df0017c55446 | Triage

Submit
Reports

Overview

overview

Static

static

5

RFQ-BE2100.exe

windows7_x64

RFQ-BE2100.exe

windows10-2004_x64

Sharing

General

Target

6ef674a53af20825d4f58038e4d73b15a0bfda03a38f72c28d01df0017c55446
Size

1.1MB
Sample

220521-mnf17sfbhp
MD5

7953a356257d6c70a95d698777c534ab
SHA1

91f49f57c97c0916969eeb46e0dcbde67463f8b3
SHA256

6ef674a53af20825d4f58038e4d73b15a0bfda03a38f72c28d01df0017c55446
SHA512

0acdac848fb6d231027fe2695b38de6cadc5cc5f39cba15e31bb6ce23a737369cc336ec94543ef1d232b002b3f4d12e4cb886254d741a79f2f03f7e1dcabef92

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

RFQ-BE2100.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

RFQ-BE2100.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.coastalinternational.in
Port:
587
Username:
[email protected]
Password:
r7i7t7h7u

Targets

- Target
  
  RFQ-BE2100.exe
- Size
  
  1.5MB
- MD5
  
  5d5cbf47ab3f53d8cfaaea4824ecfa95
- SHA1
  
  176e5f18435b5aa25c5a355b43eb82897e82b367
- SHA256
  
  42f7c2e83a58bc634ca3953f74a959e42d5124e2e09bf4c8e76ae285c61f784d
- SHA512
  
  2ddcdda605e55d3fe1d6b050ab4012bffc0a1ed90bedfd1df666f649e9886717cdb38ea99efba20e3b71f09d9e120ae5dea8416116393112fc2424f607e3c790
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy