agenttesla | 54f5db84364070302b1318b7a9cb9946461813adf9fcb150c8f89227e2cc9cfe | Triage

Sharing

General

Target

3d602ac9546bafb6fcf39cc00e48481f.exe
Size

878KB
Sample

221204-m1n8cafh4v
MD5

3d602ac9546bafb6fcf39cc00e48481f
SHA1

3f8f4b72737021102ef4f6dfcdefa2d0c2df2a82
SHA256

54f5db84364070302b1318b7a9cb9946461813adf9fcb150c8f89227e2cc9cfe
SHA512

bd97b727a42447b13043e99e457e19139293480b07a830f1c3ad9c699c6cf7a8e603b41ff136e39d750918104c146d692f6692581c37219b9e9e3d286c87c972
SSDEEP

12288:6F0wOZQAUkg586aWHffbwbEi/KBit/0tE0GdRVrPgEWUWBKHV/cjwLc+7DY02yS:w9B5O8fbMPimaGd/xWauwLS

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.gmail.com
Port:
587
Username:
[email protected]
Password:
hnxqezadblabdsss

Targets

- Target
  
  3d602ac9546bafb6fcf39cc00e48481f.exe
- Size
  
  878KB
- MD5
  
  3d602ac9546bafb6fcf39cc00e48481f
- SHA1
  
  3f8f4b72737021102ef4f6dfcdefa2d0c2df2a82
- SHA256
  
  54f5db84364070302b1318b7a9cb9946461813adf9fcb150c8f89227e2cc9cfe
- SHA512
  
  bd97b727a42447b13043e99e457e19139293480b07a830f1c3ad9c699c6cf7a8e603b41ff136e39d750918104c146d692f6692581c37219b9e9e3d286c87c972
- SSDEEP
  
  12288:6F0wOZQAUkg586aWHffbwbEi/KBit/0tE0GdRVrPgEWUWBKHV/cjwLc+7DY02yS:w9B5O8fbMPimaGd/xWauwLS
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan