agenttesla | d4bc55a7eebee915f86f2beb1347f613654a33d0797ac10e1e58a94614a7e408 | Triage

Submit
Reports

Overview

overview

Static

static

DOCUMENTS.exe

windows7_x64

DOCUMENTS.exe

windows10-2004_x64

Sharing

General

Target

d4bc55a7eebee915f86f2beb1347f613654a33d0797ac10e1e58a94614a7e408
Size

440KB
Sample

220521-nzdkwshebn
MD5

96492b77de3c6d0f6445bb9bf17d3e42
SHA1

3bb890fc74cc6716955aee45e8ad98ea397918f3
SHA256

d4bc55a7eebee915f86f2beb1347f613654a33d0797ac10e1e58a94614a7e408
SHA512

4f1dba6ef81f3e9bf241cde558924a36e61868e389e1e345f25166b48a570f0caa7b914b1798430b5fb52672a950afe6a1b88d9cf864dfc8299670ccc69e9461

Score

10^/10

agenttesla collection keylogger rezer0 spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

DOCUMENTS.exe

Resource

win7-20220414-en

agenttesla collection keylogger rezer0 spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

DOCUMENTS.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
us2.smtp.mailhostbox.com
Port:
587
Username:
midnapore@mpjewellers.com
Password:
mpjw2013

Targets

- Target
  
  DOCUMENTS.exe
- Size
  
  459KB
- MD5
  
  ab454b4f47b4848029dcc17081b020e5
- SHA1
  
  455a51a8baaf8e200ad26868763d616bcba760de
- SHA256
  
  33708f02e31c62d1b986589982e4e1c4f381089b67276d395a0e74c995a1e822
- SHA512
  
  e9f254a2ed7835a0b83553caab55347d99f51d7aeb4ee54fcfdc8dafc89a47feec9eb663d008f9ba40ee01b2e8f97c529cac3be4f282d863db07968a5f236a4a
Score

10^/10

agenttesla collection keylogger rezer0 spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- ReZer0 packer
  Detects ReZer0, a packer with multiple versions used in various campaigns.
  rezer0
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerrezer0spywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy