agenttesla | 4860fc17275eb07503f1a0def576d46e0be1eb29edb120891be9524b4ea2d986 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4860fc17275eb07503f1a0def576d46e0be1eb29edb120891be9524b4ea2d986
Size

1.1MB
Sample

240220-sxz4bsbc32
MD5

1004dc1250e41de40bc58d8eae8c0c45
SHA1

5bcfb97ed061660ec7a058583952cd142e27bb94
SHA256

4860fc17275eb07503f1a0def576d46e0be1eb29edb120891be9524b4ea2d986
SHA512

b1789b9c972cdf4bf0a102aaa90f25b017803a97843111b78675baa391bd671a6b9935948ccf493baa7b789d0bc3e2635b9eb90e4f6ff02248348e05d2ebbf70
SSDEEP

24576:4qDEvCTbMWu7rQYlBQcBiT6rprG8aQc2bBIdvD59lViL:4TvC/MTQYxsWR7aH2qBD59

Score

10^/10

agenttesla collection keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.worlorderbillions.top
Port:
587
Username:
[email protected]
Password:
@qwerty90123
Email To:
[email protected]

Targets

- Target
  
  4860fc17275eb07503f1a0def576d46e0be1eb29edb120891be9524b4ea2d986
- Size
  
  1.1MB
- MD5
  
  1004dc1250e41de40bc58d8eae8c0c45
- SHA1
  
  5bcfb97ed061660ec7a058583952cd142e27bb94
- SHA256
  
  4860fc17275eb07503f1a0def576d46e0be1eb29edb120891be9524b4ea2d986
- SHA512
  
  b1789b9c972cdf4bf0a102aaa90f25b017803a97843111b78675baa391bd671a6b9935948ccf493baa7b789d0bc3e2635b9eb90e4f6ff02248348e05d2ebbf70
- SSDEEP
  
  24576:4qDEvCTbMWu7rQYlBQcBiT6rprG8aQc2bBIdvD59lViL:4TvC/MTQYxsWR7aH2qBD59
Score

10^/10

agenttesla collection keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslacollectionkeyloggerspywarestealertrojan

behavioral2

agentteslacollectionkeyloggerspywarestealertrojan