agenttesla | 82473594a1a5a15f9e84f162af35eaef34f0e5607e63735edeb0e2ac31aab373 | Triage

Submit
Reports

Overview

overview

Static

static

NEW ORDER ...20.exe

windows7_x64

NEW ORDER ...20.exe

windows10-2004_x64

Sharing

General

Target

82473594a1a5a15f9e84f162af35eaef34f0e5607e63735edeb0e2ac31aab373
Size

470KB
Sample

220521-neyekaggam
MD5

65632bbb23416cadf0413459c20a4f39
SHA1

f73df6d3e052d9bc5b651a34aca51ce591a02bd5
SHA256

82473594a1a5a15f9e84f162af35eaef34f0e5607e63735edeb0e2ac31aab373
SHA512

7d57322d847fd9d0fe87b0d245f264c580c32e320b7523f40d48979e0ca572bbb3115bab8269a9bd1c53de8a9faf5156e5e1810983257bc856d13bca9894c8a0

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

NEW ORDER Pl 06.08.20.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

NEW ORDER Pl 06.08.20.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.yandex.com
Port:
587
Username:
[email protected]
Password:
faith12AB

Targets

- Target
  
  NEW ORDER Pl 06.08.20.exe
- Size
  
  582KB
- MD5
  
  620c91bd6a1f70ede3ba074dfccb4b60
- SHA1
  
  255e6482473b553cdfc9636ace7c0ae052efeb6d
- SHA256
  
  eeb4f768e371b2ac1f885fb5f615ea391cd0272916e1d6dad21bf944c0091534
- SHA512
  
  cf5543df5388bbcee31b3322738325c8946bc3bfc5e18615e8bcc5e1f91003af6e2b382b75dbf651d9b037b30b11bf1e9b13c216ce52e3d6573e1295e48dd951
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy