agenttesla | 7dacac821953858719bb3d48b9f989495201dd8c7e894110ba1c1bbc8b380760 | Triage

Sharing

General

Target

7dacac821953858719bb3d48b9f989495201dd8c7e894110ba1c1bbc8b380760
Size

668KB
Sample

240330-bq89zsdh4s
MD5

9d2ae1a94a625a119a0fa33eadd6f459
SHA1

25c21a8691003e0a305fb295a640b5f55ebe4256
SHA256

7dacac821953858719bb3d48b9f989495201dd8c7e894110ba1c1bbc8b380760
SHA512

cf4bea8a276bc426c84bb1f9f0f40d06958dbb6487bc1b30cafc2f4cbd93e1d1971dd20e298a20cdaa0d042e20010b67cbe8fee52967ee9ba1af0ea60ce9a804
SSDEEP

12288:0epLK1px6UVVb8PNx83uQ6zI5nTcCZqP8zQVmPB/EDbj7+domaBxXX4T:06izhcNxFunoCgChEDbjUoRBy

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.hamouneco.com
Port:
587
Username:
[email protected]
Password:
HamounEco@9466
Email To:
[email protected]

Targets

- Target
  
  7dacac821953858719bb3d48b9f989495201dd8c7e894110ba1c1bbc8b380760
- Size
  
  668KB
- MD5
  
  9d2ae1a94a625a119a0fa33eadd6f459
- SHA1
  
  25c21a8691003e0a305fb295a640b5f55ebe4256
- SHA256
  
  7dacac821953858719bb3d48b9f989495201dd8c7e894110ba1c1bbc8b380760
- SHA512
  
  cf4bea8a276bc426c84bb1f9f0f40d06958dbb6487bc1b30cafc2f4cbd93e1d1971dd20e298a20cdaa0d042e20010b67cbe8fee52967ee9ba1af0ea60ce9a804
- SSDEEP
  
  12288:0epLK1px6UVVb8PNx83uQ6zI5nTcCZqP8zQVmPB/EDbj7+domaBxXX4T:06izhcNxFunoCgChEDbjUoRBy
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan