agenttesla | bf41e07f38fbdce181613bf7425843a84f0d7cf5ff43858418e566b0ee9a429e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO-230151.exe
Size

252KB
Sample

230824-p8p6qaeb9y
MD5

cd520ab59400de42821c982466a9d155
SHA1

f7fa58a0deda5443f607b18fd02fad021e890a34
SHA256

bf41e07f38fbdce181613bf7425843a84f0d7cf5ff43858418e566b0ee9a429e
SHA512

5bbd25dd255e9575f1b581fd5e5626ea63788e1996f49b90cb61c10c8ce8766e07573c2c873645d95015982bb27c6ba6ffe582eb735cdc6502e386523e998a4f
SSDEEP

3072:+NV682LersDM/Q/qx+9wqY+mhhhmitqOj2fxvPXj5:w2LersDGQ/qxKi2vj5

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.mbarieservicesltd.com
Port:
587
Username:
[email protected]
Password:
*o9H+18Q4%;M
Email To:
[email protected]

Targets

- Target
  
  PO-230151.exe
- Size
  
  252KB
- MD5
  
  cd520ab59400de42821c982466a9d155
- SHA1
  
  f7fa58a0deda5443f607b18fd02fad021e890a34
- SHA256
  
  bf41e07f38fbdce181613bf7425843a84f0d7cf5ff43858418e566b0ee9a429e
- SHA512
  
  5bbd25dd255e9575f1b581fd5e5626ea63788e1996f49b90cb61c10c8ce8766e07573c2c873645d95015982bb27c6ba6ffe582eb735cdc6502e386523e998a4f
- SSDEEP
  
  3072:+NV682LersDM/Q/qx+9wqY+mhhhmitqOj2fxvPXj5:w2LersDGQ/qxKi2vj5
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

agentteslakeyloggerspywarestealertrojan