agenttesla | 09c053c0a75d4dc1c4479a74804720cd4cfc42afa744923e1df62eb8a94b2141 | Triage

Sharing

General

Target

b617a6a12b850a9e5ad881b143074f39.bin
Size

423KB
Sample

240124-d3r8cahddj
MD5

e92ef3ca036ff6016ec75546933c9525
SHA1

0dbfb2f6ad59f92e038b615215a2c2767f2c8c21
SHA256

09c053c0a75d4dc1c4479a74804720cd4cfc42afa744923e1df62eb8a94b2141
SHA512

1da2671ece986b391f23d72612da56e3d1c268b612567096a86515cd203082c9b8ef2e251e349c403ad8c15da91385685bb624d8981071641bcfe11803d3705a
SSDEEP

6144:5yntH3rlTnyR7SMugSk0m2UAasQnbM6fM+cxddtD5MS+DTr0bra8iQIqCC+w4lLx:0pbCSDgvuUpHbM6MHx7tySgUbrEQ7QN

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
smtp.ionos.fr
Port:
587
Username:
[email protected]
Password:
qualite77
Email To:
[email protected]

Extracted

Credentials

Protocol: smtp
Host:
smtp.ionos.fr
Port:
587
Username:
[email protected]
Password:
qualite77

Targets

- Target
  
  954ac4022c4ca231ad8dcc85b327c427257fb567237ec503a1d402814c39df61.exe
- Size
  
  731KB
- MD5
  
  b617a6a12b850a9e5ad881b143074f39
- SHA1
  
  82596003d006df00fe86d4b3b907422d74ef8ed9
- SHA256
  
  954ac4022c4ca231ad8dcc85b327c427257fb567237ec503a1d402814c39df61
- SHA512
  
  d45cf36b506708de0f19ba7103509ad92edf36b8bb2b4a8e2d44636327a366a81fbc6eb491a3cc9dd362bb37871fbbd52d05cd348bce0c8d807cbfb324d95079
- SSDEEP
  
  12288:IqLPyXcTj2/u/WcYppCgwzgdpevyxdp7OmVfItQTuMNDqUOwr:x6XdEWcYigXe6x2GfItOuMNDCi
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan