agenttesla | 2b90a753fd2f28c391d607ace21d9477b1b22b213ffc5f541337aea128c98d8b | Triage

Sharing

General

Target

VC_redist.x64.exe
Size

1.3MB
Sample

231210-aclfbsbabm
MD5

1d897c3961ba925a30687d4a496264f4
SHA1

4701e3cfecd6add58fb684f3456c12fbd301ca9a
SHA256

2b90a753fd2f28c391d607ace21d9477b1b22b213ffc5f541337aea128c98d8b
SHA512

7c545b6e466dd7508d02a528aa76c636d54cf9f337c6b150ee8962880a18c9c4bdd6c7f345930fc7448d6ec94735c59bf70b6ba749aa80d4a2d817b0c9c34a04
SSDEEP

24576:UEqFRdngwtlaHxN8KUWVe6tw2wvKhLnGkqjVnlqud+/2P+A6:UEqHdngwwHv5VbtHwlkqXfd+/9A

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  VC_redist.x64.exe
- Size
  
  1.3MB
- MD5
  
  1d897c3961ba925a30687d4a496264f4
- SHA1
  
  4701e3cfecd6add58fb684f3456c12fbd301ca9a
- SHA256
  
  2b90a753fd2f28c391d607ace21d9477b1b22b213ffc5f541337aea128c98d8b
- SHA512
  
  7c545b6e466dd7508d02a528aa76c636d54cf9f337c6b150ee8962880a18c9c4bdd6c7f345930fc7448d6ec94735c59bf70b6ba749aa80d4a2d817b0c9c34a04
- SSDEEP
  
  24576:UEqFRdngwtlaHxN8KUWVe6tw2wvKhLnGkqjVnlqud+/2P+A6:UEqHdngwwHv5VbtHwlkqXfd+/9A
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan