agenttesla | 62987725dfdcf1c479dcc003d92b214665011d38937c5de00ac11f963d4d55dd | Triage

Sharing

General

Target

Yph3Jd-c8cR53MAD2SshRmUBHTiTfF3gCsEflj1NVd0.bin
Size

644KB
Sample

221129-nze4qafc89
MD5

176bc03ca22db45cc806f17b1fab1119
SHA1

41926bfbdd49004c23e82b07c6a99bf0389f085b
SHA256

62987725dfdcf1c479dcc003d92b214665011d38937c5de00ac11f963d4d55dd
SHA512

2674a47b24c75023f758587f67046fc8f3b5c67a5727ce6ae24163579ea19084a110a79fb137ea556cc7dff96522f6ac921cd7d7468d17a3c20ddb47e5a1cabf
SSDEEP

12288:duc8pbKbfb4NWtEuF35ojcLW6f7YbCSeyRxKY1+:dFabKogtEw3yjcS6DYbdRxKY

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.mail.com
Port:
587
Username:
sebastienj_newdirections.au@mail.com
Password:
millions2022

Targets

- Target
  
  Yph3Jd-c8cR53MAD2SshRmUBHTiTfF3gCsEflj1NVd0.bin
- Size
  
  644KB
- MD5
  
  176bc03ca22db45cc806f17b1fab1119
- SHA1
  
  41926bfbdd49004c23e82b07c6a99bf0389f085b
- SHA256
  
  62987725dfdcf1c479dcc003d92b214665011d38937c5de00ac11f963d4d55dd
- SHA512
  
  2674a47b24c75023f758587f67046fc8f3b5c67a5727ce6ae24163579ea19084a110a79fb137ea556cc7dff96522f6ac921cd7d7468d17a3c20ddb47e5a1cabf
- SSDEEP
  
  12288:duc8pbKbfb4NWtEuF35ojcLW6f7YbCSeyRxKY1+:dFabKogtEw3yjcS6DYbdRxKY
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan