agenttesla | 64f53c937686e85e45ba96c09e4865bc747560e83d132cb9b6ef8c174948c98f | Triage

Submit
Reports

Overview

overview

Static

static

vbc.exe

windows7_x64

vbc.exe

windows10-2004_x64

Sharing

General

Target

vbc.exebqjzwqto
Size

887KB
Sample

220522-ghqessbghl
MD5

aa223c48d72371b24baf306eb49e7597
SHA1

8e44f69cb4bfea69da961ecc3e79f0673cd475f8
SHA256

64f53c937686e85e45ba96c09e4865bc747560e83d132cb9b6ef8c174948c98f
SHA512

26d67bb2fe920d91bafbcf6c1c5ab0a32cf590c2470bfd81440e5f88461e8bcee87d79219f14b4dd6c798602f3facf96177ea14f6a6eaf653092f40d95f3e8be

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

vbc.exe

Resource

win7-20220414-en

agenttesla keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

vbc.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.botswanbuidtec.com
Port:
587
Username:
hen@botswanbuidtec.com
Password:
!tdB!ja2

Targets

- Target
  
  vbc.exebqjzwqto
- Size
  
  887KB
- MD5
  
  aa223c48d72371b24baf306eb49e7597
- SHA1
  
  8e44f69cb4bfea69da961ecc3e79f0673cd475f8
- SHA256
  
  64f53c937686e85e45ba96c09e4865bc747560e83d132cb9b6ef8c174948c98f
- SHA512
  
  26d67bb2fe920d91bafbcf6c1c5ab0a32cf590c2470bfd81440e5f88461e8bcee87d79219f14b4dd6c798602f3facf96177ea14f6a6eaf653092f40d95f3e8be
Score

10^/10

agenttesla keylogger spyware stealer trojan collection
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla Payload
- Uses the VBS compiler for execution
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy