agenttesla | 01e8a1ca1f1bf33e403c46728290c2b82c7587233d32c82752f72b10f7a3f5e7 | Triage

Submit
Reports

Overview

overview

Static

static

1

DEVELOPER_...AN.rar

windows7-x64

DEVELOPER_...AN.rar

windows10-2004-x64

7

Sharing

General

Target

DEVELOPER_SNIPER_JOD_DARK_ESSENTIAL_PLAN.rar
Size

1.1MB
Sample

240329-wj4fdaec3y
MD5

cb80960b9a14711e70278bec71f14bbc
SHA1

0fadfe3996315a1d5eeb2c384a3e12ced1d20925
SHA256

01e8a1ca1f1bf33e403c46728290c2b82c7587233d32c82752f72b10f7a3f5e7
SHA512

4cff873710d4977dc55fa22d97ba15282f63cc6cc931f2201826c0995a7f620e7c46af1d8be6ee53c6d602b99c5b4185a468ad3f17448a82ee3444685489105d
SSDEEP

24576:QzJ6DGQqBbVwn6c+O0EcCPSR70/g/nucNygVJKz4NBbZxe9/XH:QzCRAVG5fauGs+JKQbihH

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

DEVELOPER_SNIPER_JOD_DARK_ESSENTIAL_PLAN.rar

Resource

win7-20240221-en

agenttesla keylogger spyware stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

DEVELOPER_SNIPER_JOD_DARK_ESSENTIAL_PLAN.rar

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  DEVELOPER_SNIPER_JOD_DARK_ESSENTIAL_PLAN.rar
- Size
  
  1.1MB
- MD5
  
  cb80960b9a14711e70278bec71f14bbc
- SHA1
  
  0fadfe3996315a1d5eeb2c384a3e12ced1d20925
- SHA256
  
  01e8a1ca1f1bf33e403c46728290c2b82c7587233d32c82752f72b10f7a3f5e7
- SHA512
  
  4cff873710d4977dc55fa22d97ba15282f63cc6cc931f2201826c0995a7f620e7c46af1d8be6ee53c6d602b99c5b4185a468ad3f17448a82ee3444685489105d
- SSDEEP
  
  24576:QzJ6DGQqBbVwn6c+O0EcCPSR70/g/nucNygVJKz4NBbZxe9/XH:QzCRAVG5fauGs+JKQbihH
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

© 2018-2024

Terms | Privacy