agenttesla | 962fe128d96ea580d4ba3fae7ea6838949ae784e5e918208050c23cbc8b98f68 | Triage

Submit
Reports

Overview

overview

Static

static

3

NinjaUI.sfx.exe

windows11-21h2-x64

Sharing

General

Target

NinjaUI.sfx.exe
Size

2.9MB
Sample

240330-jf9rrsbb3z
MD5

4c98c571bc6fe4a316a8a95e1f3ade40
SHA1

da56f24e202126c2086af47dd49114668a6737f5
SHA256

962fe128d96ea580d4ba3fae7ea6838949ae784e5e918208050c23cbc8b98f68
SHA512

7f67a6b9857e5baacbb1d4ded174b4fe0eea65567136daa3de048b2c15a57699609b53dba989a17aa5341ede1615a76ee20d7b3bfbd102b40d95807619dcf8c8
SSDEEP

49152:ysldGB1fwWhBIldIOsmyBoxWxZtAMWHYIT74BMLCtWRdYv3ecVLf08wT1u281yH4:ys+WvIOkBoQZADuMnR2u6NuYgbRi5

Score

10^/10

agenttesla keylogger spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

NinjaUI.sfx.exe

Resource

win11-20240221-en

agenttesla keylogger spyware stealer trojan

windows11-21h2-x64

12 signatures

300 seconds

Malware Config

Targets

- Target
  
  NinjaUI.sfx.exe
- Size
  
  2.9MB
- MD5
  
  4c98c571bc6fe4a316a8a95e1f3ade40
- SHA1
  
  da56f24e202126c2086af47dd49114668a6737f5
- SHA256
  
  962fe128d96ea580d4ba3fae7ea6838949ae784e5e918208050c23cbc8b98f68
- SHA512
  
  7f67a6b9857e5baacbb1d4ded174b4fe0eea65567136daa3de048b2c15a57699609b53dba989a17aa5341ede1615a76ee20d7b3bfbd102b40d95807619dcf8c8
- SSDEEP
  
  49152:ysldGB1fwWhBIldIOsmyBoxWxZtAMWHYIT74BMLCtWRdYv3ecVLf08wT1u281yH4:ys+WvIOkBoQZADuMnR2u6NuYgbRi5
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy