agenttesla | 18823ee2c8f0eb332d3519eb7bad50124ddaab05364eaf1f4cbf26efa846f33a | Triage

Sharing

General

Target

ORDERN.F1676.23.exe
Size

800KB
Sample

231205-t944gsda52
MD5

48f3c7c07b24927689c8de637ee7b567
SHA1

47adfbcf07c63668c020c3f0c49a35668ec65a75
SHA256

18823ee2c8f0eb332d3519eb7bad50124ddaab05364eaf1f4cbf26efa846f33a
SHA512

e23fdc41a5e8ee6e3824ca7e4c338e0f9d6a336b81fc0d594d619ebae3a0a428d6d96557bcbc1e0acbd79e08934f56da836314786d7aa6beb5eafba5ef791ee4
SSDEEP

12288:0dKE6jD/62iNG5nF8BZlfr5Syj74fK9UrAfZRqusn9DwqoPLwbVl335kypwbfest:0dKtD/61Ic3FyrABRi9UqBDH5luGC

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.abi0expertise.com
Port:
587
Username:
[email protected]
Password:
Najwa1949!
Email To:
[email protected]

Targets

- Target
  
  ORDERN.F1676.23.exe
- Size
  
  800KB
- MD5
  
  48f3c7c07b24927689c8de637ee7b567
- SHA1
  
  47adfbcf07c63668c020c3f0c49a35668ec65a75
- SHA256
  
  18823ee2c8f0eb332d3519eb7bad50124ddaab05364eaf1f4cbf26efa846f33a
- SHA512
  
  e23fdc41a5e8ee6e3824ca7e4c338e0f9d6a336b81fc0d594d619ebae3a0a428d6d96557bcbc1e0acbd79e08934f56da836314786d7aa6beb5eafba5ef791ee4
- SSDEEP
  
  12288:0dKE6jD/62iNG5nF8BZlfr5Syj74fK9UrAfZRqusn9DwqoPLwbVl335kypwbfest:0dKtD/61Ic3FyrABRi9UqBDH5luGC
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan