agenttesla | 0e270cbe90f14a94665f2b58ea7f08f75bb0911d5ea34f545e85b25e05b9ef3c | Triage

Sharing

General

Target

0e270cbe90f14a94665f2b58ea7f08f75bb0911d5ea34f545e85b25e05b9ef3c
Size

811KB
Sample

221129-vt1a2ahf85
MD5

06e5b260a46bb246f880efc5efa728d0
SHA1

79fd1c175bbebfd2da001737058b414037afa2cf
SHA256

0e270cbe90f14a94665f2b58ea7f08f75bb0911d5ea34f545e85b25e05b9ef3c
SHA512

e6bbde56a7141c0d56a6c4401982c1e28880572bd55dc477fe7a4625d1acfd66cace7c8ca656fdd489f55cf20804728c5df71a23194091dbc4be26f012b74623
SSDEEP

12288:yOvLqqqI5wajON3Qv+DEKkC9Jd3WTOKXraVWs84UAhAfFkw4oi5kS+:jqqbjONgv+VZUJXraV784hAKjo

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.eslinaasansor.com.tr
Port:
587
Username:
info@eslinaasansor.com.tr
Password:
eslina2020info
Email To:
bbom38886@gmail.com

Targets

- Target
  
  0e270cbe90f14a94665f2b58ea7f08f75bb0911d5ea34f545e85b25e05b9ef3c
- Size
  
  811KB
- MD5
  
  06e5b260a46bb246f880efc5efa728d0
- SHA1
  
  79fd1c175bbebfd2da001737058b414037afa2cf
- SHA256
  
  0e270cbe90f14a94665f2b58ea7f08f75bb0911d5ea34f545e85b25e05b9ef3c
- SHA512
  
  e6bbde56a7141c0d56a6c4401982c1e28880572bd55dc477fe7a4625d1acfd66cace7c8ca656fdd489f55cf20804728c5df71a23194091dbc4be26f012b74623
- SSDEEP
  
  12288:yOvLqqqI5wajON3Qv+DEKkC9Jd3WTOKXraVWs84UAhAfFkw4oi5kS+:jqqbjONgv+VZUJXraV784hAKjo
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan