agenttesla | 2370e801d06a0c4977bf64cdfec27714dc0bb7fe4a9e9944c9929a9807377f2c | Triage

Sharing

General

Target

0996766724211.exe
Size

674KB
Sample

231207-va3l2sdf68
MD5

48b6438b9a73205e4355661cf7af25ef
SHA1

99af68e1a2f540b66d34bffa8190eb61f04c8710
SHA256

2370e801d06a0c4977bf64cdfec27714dc0bb7fe4a9e9944c9929a9807377f2c
SHA512

4314d71000c478dd570fbb6e769689c4cbde097f294c27d205236263b09c4d5c30d1cc94cb0d237d5211f1ca9811d69298b0424cff6c530a2f20b7b45fd8bcd0
SSDEEP

12288:Z1CSfMlEXU/uLHbXhIjThLOv8mcDrnxSfKzTcyxn:VfMlEbhIvhLOv8BDrnxSizoyxn

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.etasimali.com
Port:
587
Username:
[email protected]
Password:
RECRUTEMENT@2023
Email To:
[email protected]

Targets

- Target
  
  0996766724211.exe
- Size
  
  674KB
- MD5
  
  48b6438b9a73205e4355661cf7af25ef
- SHA1
  
  99af68e1a2f540b66d34bffa8190eb61f04c8710
- SHA256
  
  2370e801d06a0c4977bf64cdfec27714dc0bb7fe4a9e9944c9929a9807377f2c
- SHA512
  
  4314d71000c478dd570fbb6e769689c4cbde097f294c27d205236263b09c4d5c30d1cc94cb0d237d5211f1ca9811d69298b0424cff6c530a2f20b7b45fd8bcd0
- SSDEEP
  
  12288:Z1CSfMlEXU/uLHbXhIjThLOv8mcDrnxSfKzTcyxn:VfMlEbhIvhLOv8BDrnxSizoyxn
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

agentteslakeyloggerspywarestealertrojan