agenttesla | 35e6acc4ddeace130bae6e47e1e1062862fd7f6b4fecf8136dd3e109c5011aa4 | Triage

Sharing

General

Target

ANÁLISIS DEL CONTRATO-pdf.exe
Size

703KB
Sample

231207-va38ksdf73
MD5

1a19d3b35592f19f97ad7c43b0a875e6
SHA1

38fd4bb32e9b5a0d58413954bed06aadb3e714ba
SHA256

35e6acc4ddeace130bae6e47e1e1062862fd7f6b4fecf8136dd3e109c5011aa4
SHA512

8f9de97ca969b26809fc47101091c20895bcc35793a331d22cc7fa32929fcc2229eb7b99b44d3a070431adc0795d5c81175e8fb98688a73382d72d4ad3ebf0f4
SSDEEP

12288:ywFGHEJsv/EqlEyhS6fOaoceSZylgimtdYM3O0V7bbb:y5HEJsHEqlHSkElgZtub0V7j

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://ftp.vvspijkenisse.nl
Port:
21
Username:
[email protected]
Password:
playingboyz231

Targets

- Target
  
  ANÁLISIS DEL CONTRATO-pdf.exe
- Size
  
  703KB
- MD5
  
  1a19d3b35592f19f97ad7c43b0a875e6
- SHA1
  
  38fd4bb32e9b5a0d58413954bed06aadb3e714ba
- SHA256
  
  35e6acc4ddeace130bae6e47e1e1062862fd7f6b4fecf8136dd3e109c5011aa4
- SHA512
  
  8f9de97ca969b26809fc47101091c20895bcc35793a331d22cc7fa32929fcc2229eb7b99b44d3a070431adc0795d5c81175e8fb98688a73382d72d4ad3ebf0f4
- SSDEEP
  
  12288:ywFGHEJsv/EqlEyhS6fOaoceSZylgimtdYM3O0V7bbb:y5HEJsHEqlHSkElgZtub0V7j
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan