agenttesla | 804d083d79760fedd410c64cad608b4496e34a3d7c3979d25258f1796bf308df | Triage

Sharing

General

Target

804d083d79760fedd410c64cad608b4496e34a3d7c3979d25258f1796bf308df
Size

64KB
Sample

231208-cqa8maaa4v
MD5

25fae33fa96cdcdfaa1176d7818d3ae6
SHA1

3de43a39eace8723ae64da5af474297df479f253
SHA256

804d083d79760fedd410c64cad608b4496e34a3d7c3979d25258f1796bf308df
SHA512

6285f04d8659cd5b0a3290e148a3950e1ce9c3aa4e9ad800f5c9d1d30928d1aa5823dc48c865810bf585b8e48f3e970944f51a0bd095c065f9321a2bd44d7c70
SSDEEP

192:wdQ8+pGrmjALBBhaqFYw55bGTzK5jX92PxcZiHu:wO8YKmjSxFv5JQzKJX9roHu

Score

10^/10

agenttesla keylogger persistence spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.jaazgroup.com
Port:
587
Username:
[email protected]
Password:
cincin/123
Email To:
[email protected]

Targets

- Target
  
  KEIBOJS_000000242301_pdf.exe
- Size
  
  12KB
- MD5
  
  993da48540a2412e8db984b790944f34
- SHA1
  
  f4c946466fd439ebedd8c045909674e76f765f29
- SHA256
  
  b50565bf09e5dacbab8707a725376464874b24e86f38e977c4a45de1049c9c62
- SHA512
  
  8788077de9a8fd932e11bb11581ee7b1ee3040b930408f641449f29d271ca1b1769497f1c07148873c1ab3e2eeda652fcafe26eef8f9b2f41c672206b216f1f9
- SSDEEP
  
  192:fdQ8+pGrmjALBBhaqFYw55bGTzK5jX92PxcZ:fO8YKmjSxFv5JQzKJX9r
Score

10^/10

agenttesla keylogger persistence spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

agentteslakeyloggerpersistencespywarestealertrojan