agenttesla | d913a8b769f15f990535d033b50189f04378290cf0c44e58926980eae27459da | Triage

Sharing

General

Target

KLN_MARKET.zip
Size

1.7MB
Sample

231209-sx7heaafb4
MD5

01ee7da20c542919667f3c5b08d00144
SHA1

baf918e5ff5076afbb004f466cb20da82960aff8
SHA256

d913a8b769f15f990535d033b50189f04378290cf0c44e58926980eae27459da
SHA512

4adcbaa9cf2fdb81244b01673d54773d32a17640f8add4116a51d1d8ff7f336650351e007b0a237820f40264663fd0de21bfcb0d0458e09e4320f1d6158094da
SSDEEP

49152:POT3E0wxGBedY5/b3U5gWAkkx/HZSBkjTuE:Pc3En+/exAkkxPEm/

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  c19e9e6a4bc1b668d19505a0437e7f7e
- SHA1
  
  73be712aef4baa6e9dabfc237b5c039f62a847fa
- SHA256
  
  9ac8b65e5c13292a8e564187c1e7446adc4230228b669383bd7b07035ab99a82
- SHA512
  
  b6cd0af436459f35a97db2d928120c53d3691533b01e4f0e8b382f2bd81d9a9a2c57e5e2aa6ade9d6a1746d5c4b2ef6c88d3a0cf519424b34445d0d30aab61de
- SSDEEP
  
  49152:6QNztBO2+VN7N3HtnPhx70ZO4+CPXOn5PThDH2TBeHjvjiBckYf+Yh/FJ3:6Ahck2z
Score

1^/10
behavioral1
- Target
  
  Launcher.exe
- Size
  
  216KB
- MD5
  
  b431834edf99021cf97d0a5be32e74db
- SHA1
  
  0f10206595d7f6b52e73f6c969ec4e9d5e0b0c5d
- SHA256
  
  be7772f9ec74c9538e68a796a1ac783b6691a3c500d12a0beb04eeffc3525931
- SHA512
  
  56ea7de05c9eb8437dffc6dd1e6951feb10a3cc95207a90824e7d3be5a7b4113a387f77aa64a65524dabefc3d3a8a02d2ca73d958d8daa211013a690c1b4a106
- SSDEEP
  
  3072:IIym4PU5dNLJ9bW4qgjwZcCzS77A1HdG/N3XIfduIr9wkgYqMgRvrNWYJPPP1H4U:IExCcC2XIcuRqdfh7sGNEaAa4QXgP
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral2
- Target
  
  addons/clean.exe
- Size
  
  169KB
- MD5
  
  daa2a95b0075a645e87e780ce42c1dc6
- SHA1
  
  43f48f43eb714a9c10c9714c31d02f61b0811169
- SHA256
  
  617d17faefdff70a50f49f0d8d00b9d77f422ddb0d8cecd217d3d5e9cf0bf623
- SHA512
  
  ea79091f15738bcc41b8bb5d0e85b876d71ee22cb1dbaf8354912c201a793586b779238ab676059d710be0bd58e27f87d51e1c416f40cace0abb16d4ba8e4913
- SSDEEP
  
  3072:9/25jvDSgsqsb5Uh28vAbTV1WW69B9VjMdxPedN9ug0z9TBfFSFJH8KiHe1Czz1Q:wtzsb5Uh28+V1WW69B9VjMdxPedN9ugT
Score

1^/10
behavioral3
- Target
  
  addons/x64.exe
- Size
  
  1.4MB
- MD5
  
  fd8e566d88637434734ccd92a7d865fa
- SHA1
  
  0f11ce240cfddb9e83388678a1a0217a568ccd2c
- SHA256
  
  aaff12ff60520346cc72bb89fb2b879edfaf187e32e821a1486c6b5771eaa687
- SHA512
  
  610bfc4851358f281e88fb351724d54f6b4eea23723930ce7d0fa46b04d405d6457b90b58f9112539912e22a55d8ea3d26f52d94c90124cd13864b5fd01a0bcc
- SSDEEP
  
  24576:0T+hNLKhKnnxzIFlHmDbCnBdsZBlTLQxczp07vZORwm24kXqgKdfDjIzQW8bY03U:0SzLKhKnnmFlHOWnTQT3zxRj24kXGdfM
Score

4^/10
behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

agentteslakeyloggerspywarestealertrojan

behavioral3

behavioral4