agenttesla | 773c087317d4fd8dc2f92144f6dda8929a829edcf7a7e80847d38fec09c88d93 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

773c087317d4fd8dc2f92144f6dda8929a829edcf7a7e80847d38fec09c88d93.exe
Size

1.1MB
Sample

240308-q2yd7age22
MD5

dbdcdd2c51d923aa30293e14be7a829e
SHA1

9466254f55f04134118f1f6b616007bb86d95f2e
SHA256

773c087317d4fd8dc2f92144f6dda8929a829edcf7a7e80847d38fec09c88d93
SHA512

04326eae48128dbae077f31c2150519ce789592f215b5725ca366ecf8ba34f28ca353ae967235b69224ee3e9f80dd1e725f6f719d10f776452a70f80fd2d183b
SSDEEP

12288:uiL+7/wHM6gCqCcT3ylTBkmLWSQsQqghyGEoofi+0UkoMGh5cfa1ZR2w:5L+d6gCqiPhxQsdg4GEpfi+soMcQ6

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://eu-west-1.sftpcloud.io
Port:
21
Username:
c075574a2af448809808296ff839567f
Password:
UTLc1SID7Y5LpcuIWt3ttrUfI4LcuCLY

Targets

- Target
  
  773c087317d4fd8dc2f92144f6dda8929a829edcf7a7e80847d38fec09c88d93.exe
- Size
  
  1.1MB
- MD5
  
  dbdcdd2c51d923aa30293e14be7a829e
- SHA1
  
  9466254f55f04134118f1f6b616007bb86d95f2e
- SHA256
  
  773c087317d4fd8dc2f92144f6dda8929a829edcf7a7e80847d38fec09c88d93
- SHA512
  
  04326eae48128dbae077f31c2150519ce789592f215b5725ca366ecf8ba34f28ca353ae967235b69224ee3e9f80dd1e725f6f719d10f776452a70f80fd2d183b
- SSDEEP
  
  12288:uiL+7/wHM6gCqCcT3ylTBkmLWSQsQqghyGEoofi+0UkoMGh5cfa1ZR2w:5L+d6gCqiPhxQsdg4GEpfi+soMcQ6
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan