agenttesla | c85e4b430caad88c5630227ab6c775e6961e85e0efb2d6813c833a0b4a24507b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df56781656a194f03072f7039f5a7ea1.bin
Size

515KB
Sample

230525-cca1psgb7y
MD5

b2cec47a6b7a0514e92a5085f9b41158
SHA1

184c1638caabe50d5f01b62d23212fceca80d2f0
SHA256

c85e4b430caad88c5630227ab6c775e6961e85e0efb2d6813c833a0b4a24507b
SHA512

b5c854c69f725cb108854edb78bd731e5ba7fb6a7bd6d45f36b214e9ae24a36fbc32fcfed290926825aa48adc16fc5d83197ad62db3f823aa6874c2348cdb511
SSDEEP

12288:H+UlrAldz4L/iT5jBTkmU0QP9vJB2UfQrFwFr5mq41LuO+i4H181:HgldzV9jBDU0sr2PFYZ41LuO+u

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
sarahfoils.com
Port:
587
Username:
[email protected]
Password:
Scalatica01
Email To:
[email protected]

Targets

- Target
  
  60a107b83a792df4cafbe67547cf3663ee3e2277572f8778bb78bd226d9188d8.exe
- Size
  
  803KB
- MD5
  
  df56781656a194f03072f7039f5a7ea1
- SHA1
  
  d48bf6de495b4a0d0525c28eba875473654765f4
- SHA256
  
  60a107b83a792df4cafbe67547cf3663ee3e2277572f8778bb78bd226d9188d8
- SHA512
  
  641ebae2405c46ccb41e8c2bbdbd89b1bd5206fe40e6cb57de2e44a1749cfd8f332b5697e6d9c18769c322e2d746de08e94e36be9c53f1a9ce3ec53791a100a5
- SSDEEP
  
  12288:Aq5iTB2QwUKIpcJMfcVpwGRYaaJwKuA3rChEJxnp:AqmX2+cVpWDJwKx3rvD
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan