agenttesla | 40a48007e9bc524140d372814fcd7e03cbb2edd0689d03b4efe91aeefe7b7acd | Triage

Submit
Reports

Overview

overview

Static

static

POs 097663....r.exe

windows7_x64

POs 097663....r.exe

windows10-2004_x64

Sharing

General

Target

40a48007e9bc524140d372814fcd7e03cbb2edd0689d03b4efe91aeefe7b7acd
Size

364KB
Sample

220521-pxrkeagbd4
MD5

17a7442de0c8ba25ceb7aaeb4a0c6610
SHA1

cf133f9a3a49567f3591734b250839043bd7d31d
SHA256

40a48007e9bc524140d372814fcd7e03cbb2edd0689d03b4efe91aeefe7b7acd
SHA512

e8e78d15a0ea3c819cce6961dc7117402b1db155f7ef74530d30a4b0df1f1135dd96f28e9c4452d2f4e348fb341f33daff4002e378e9ca2687cd339c7ed2039f

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

POs 097663899 NEW ORDER.r.exe

Resource

win7-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

POs 097663899 NEW ORDER.r.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.parshavayealborz.com
Port:
587
Username:
info@parshavayealborz.com
Password:
P@rshava123456

Targets

- Target
  
  POs 097663899 NEW ORDER.r.exe
- Size
  
  399KB
- MD5
  
  610a2a3c8ff25649bb8d64f028d657fe
- SHA1
  
  939d2ffc7e123a061c3ecae244f618f2303c8d29
- SHA256
  
  eea3d6de7952101ff57da6f48ea85ecdbaf71bf5027d0d20478021d842a21101
- SHA512
  
  2d0ab260a7bb2a04a6bb40b68b8d67f8444eaee650d5204b1dd92b2541e4241085cb01e802a73c9d6bc41af33c1b7591b5736bcc0253c247964e2c53ed7c62ba
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Drops file in Drivers directory
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy