agenttesla | 08faf3ebd270f39ce947726573b16c022e385830676bb73edd2e7ccaf4ac1f96 | Triage

Sharing

General

Target

08faf3ebd270f39ce947726573b16c022e385830676bb73edd2e7ccaf4ac1f96
Size

340KB
Sample

221207-nnbl6ace59
MD5

5ecf7b57409e0684d29b08714b8c09f8
SHA1

16f96d4d32722f42736b622e5783f2c22c7383a3
SHA256

08faf3ebd270f39ce947726573b16c022e385830676bb73edd2e7ccaf4ac1f96
SHA512

09ded1799a68eec113805832554c56a0cbc4f6dfd98c4e5e21337f74d36ed19964ed8a6225c5878923a20c4f74472510f2f7d8751d67e64fd2319a05dbf28aa1
SSDEEP

6144:CDQ2EdE8FC6gW7wYzxbCIKXt3cEhon2Xvx3C9nUh1PQBjbrbh:/bDnNwYzxFKXhhs2XvxeUh1PQhbrbh

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
smtp.leonardfood.com
Port:
587
Username:
[email protected]
Password:
K@rimi95

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.leonardfood.com
Port:
587
Username:
[email protected]
Password:
K@rimi95
Email To:
[email protected]

Targets

- Target
  
  08faf3ebd270f39ce947726573b16c022e385830676bb73edd2e7ccaf4ac1f96
- Size
  
  340KB
- MD5
  
  5ecf7b57409e0684d29b08714b8c09f8
- SHA1
  
  16f96d4d32722f42736b622e5783f2c22c7383a3
- SHA256
  
  08faf3ebd270f39ce947726573b16c022e385830676bb73edd2e7ccaf4ac1f96
- SHA512
  
  09ded1799a68eec113805832554c56a0cbc4f6dfd98c4e5e21337f74d36ed19964ed8a6225c5878923a20c4f74472510f2f7d8751d67e64fd2319a05dbf28aa1
- SSDEEP
  
  6144:CDQ2EdE8FC6gW7wYzxbCIKXt3cEhon2Xvx3C9nUh1PQBjbrbh:/bDnNwYzxFKXhhs2XvxeUh1PQhbrbh
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Drops startup file
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan