7fcc7dbe57a4045b1566788a242f89dfe4d971d63e7154b6e697b848594eff26

Target

Size

554KB

Sample

220521-pwakhagaf8

Score

10 ^/10

MD5

e988fe354986a1b9f4af998f6dd0ab56

SHA1

11f7c99f34bd92158450da0b282b15cb7ac2ccb6

SHA256

7fcc7dbe57a4045b1566788a242f89dfe4d971d63e7154b6e697b848594eff26

SHA512

b731b3d080edb28ebc0347f252d7d852671e8c208f6b65f089a85027d82e12531d63d559417093536ff9bffe0d1d65c5feebf782c53644dca7454d2f2e51ac3b

Extracted

Family	agenttesla
Credentials	Protocol: smtp Host: mail.privateemail.com Port: 587 Username: admin@mafo.cc Password: success21

Extracted

Credentials

Protocol: smtp

Host: mail.privateemail.com

Port: 587

Username: admin@mafo.cc

Password: success21

Target

PO-Jiehong20959481.exe

MD5

ff286368558ae7854524c438ad15702b

Filesize

665KB

Score

10^/10

SHA1

d15e322714b7c85266ea053c535ff73f4349476a

SHA256

b642527e686b781a602fb322e7d34d0f18748778de42a0e3774d9990a71e2c92

SHA512

cc97e0232e3537929c8ba50eabb2f61ecc0cb29faac8ed970fd632a8784d4c789b3964f5a141d98667bf8379846b281bda0f0c29d872a50a3612d513de572f96

Signatures

AgentTesla
Description

Agent Tesla is a remote access tool (RAT) written in visual basic.
Tags

keylogger trojan stealer spyware agenttesla
AgentTesla Payload
Accesses Microsoft Outlook profiles
Tags

collection

TTPs

Email Collection
Suspicious use of SetThreadContext

Related Tasks

behavioral1 behavioral2

Collection

Email Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

behavioral1

agenttesla collection keylogger spyware stealer trojan

10^/10

behavioral2

agenttesla collection keylogger spyware stealer trojan

10^/10

Extracted

Extracted

Tags

Signatures

AgentTesla

Description

Tags

AgentTesla Payload

Accesses Microsoft Outlook profiles

Tags

TTPs

Suspicious use of SetThreadContext

Related Tasks

static1

behavioral1

behavioral2