Overview

overview

10

Static

static

3

New folder.7z

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    New folder.7z

  • Size

    16.3MB

  • Sample

    240326-rl9yqafa7t

  • MD5

    01b246b599d981da1bd896ad5d819130

  • SHA1

    33c34c31b540eb1f864fa5693018eeb1593543da

  • SHA256

    e332d17e2c53a22131325ce80d4742b107f8549cdad49cb6eb24a9d9167d1951

  • SHA512

    d502a726ac3168e05f14698d284ed098cb80aa06847984fa7111fad4cab9f4a50b174520e92a5d94dae9fcd1fab57dddd1d4fa1054d24bb0e57f852fdfc5af3f

  • SSDEEP

    393216:peaefSxUGFQV7L19sPBknHnGb+X1vk/ZueIGvkIn1wXDGhQw8ys:peaefSx5y77oBsA0AweIGn1syq

Score
10/10
agentteslakeyloggerspywarestealertrojan

Malware Config

Targets

    • Target

      New folder.7z

    • Size

      16.3MB

    • MD5

      01b246b599d981da1bd896ad5d819130

    • SHA1

      33c34c31b540eb1f864fa5693018eeb1593543da

    • SHA256

      e332d17e2c53a22131325ce80d4742b107f8549cdad49cb6eb24a9d9167d1951

    • SHA512

      d502a726ac3168e05f14698d284ed098cb80aa06847984fa7111fad4cab9f4a50b174520e92a5d94dae9fcd1fab57dddd1d4fa1054d24bb0e57f852fdfc5af3f

    • SSDEEP

      393216:peaefSxUGFQV7L19sPBknHnGb+X1vk/ZueIGvkIn1wXDGhQw8ys:peaefSx5y77oBsA0AweIGn1syq

    Score
    10/10
    agentteslakeyloggerspywarestealertrojan

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in visual basic.

      keyloggertrojanstealerspywareagenttesla

    • AgentTesla payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks