agenttesla | e2a7702dd3c5b857f52bff7266c66af153cd4a2b225c568afc19acb58a22ba25 | Triage

Submit
Reports

Overview

overview

Static

static

Crypted chidubem.exe

windows7_x64

Crypted chidubem.exe

windows10-2004_x64

Sharing

General

Target

e2a7702dd3c5b857f52bff7266c66af153cd4a2b225c568afc19acb58a22ba25
Size

421KB
Sample

220521-nyy57shdhk
MD5

987c39e404770061c4d6df4b2802dde0
SHA1

ca39a153c9d87adc0195801e961a396948fa433d
SHA256

e2a7702dd3c5b857f52bff7266c66af153cd4a2b225c568afc19acb58a22ba25
SHA512

6caebc2df56043191ef9cde0323d2164c082db0ad07e044d1cc06a848f94add5212f8268ecb80e4bb4354710bd604c53d4aff534067a8e5e329dc9dc86a2f900

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Crypted chidubem.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Crypted chidubem.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.ggdbandas.com
Port:
587
Username:
anaberta.santander@ggdbandas.com
Password:
Anita.2018

Targets

- Target
  
  Crypted chidubem.exe
- Size
  
  499KB
- MD5
  
  bd90b937f05109eca2c51d7c4f1bf35f
- SHA1
  
  3b97193151af016a51b712590bb6c1d796581300
- SHA256
  
  35d8fbdb864d9104dd1a9f05fe522b27bb6d278ea993a7863b298b66df06636b
- SHA512
  
  a3105130104e7cb061d2da7996bc16faf7247fca48ecbbffbba67a9b6d96c1cdd42614c833d7f1ccbade5c9af211c01f3f6f7fc535a315f6202299b5f82f2ef7
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy