agenttesla | 5795da812968208e067795465789e438fe7df242795ea1883bb0ea95b22fcef6 | Triage

Sharing

General

Target

Quote request--FL202306200039 pdf.exe
Size

744KB
Sample

240408-qbj4wadb8s
MD5

f5b081e53c163a0964387a8228590e5e
SHA1

6d4742d9e3a692f5e6a4c2e5bc68e1c1cae944d5
SHA256

5795da812968208e067795465789e438fe7df242795ea1883bb0ea95b22fcef6
SHA512

ab5fd4e3f1ec50a9d7fa3d214dabd09e8f71182403f794fb1bc50b63c44110378228cfe122610fa22b2b5fbc0bdbbcba86bbee303bf4854aeacdcc7b01a105b5
SSDEEP

12288:8B1oVeondJjLZPbrXIYtoG2uihO4MJKH1xWJUik0C8b93TA+ihnRLytv9Fo:2o5ddLlbEiihIq1AUiLJRk+irLytvA

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.hamouneco.com
Port:
587
Username:
[email protected]
Password:
HamounEco@9466
Email To:
[email protected]

Targets

- Target
  
  Quote request--FL202306200039 pdf.exe
- Size
  
  744KB
- MD5
  
  f5b081e53c163a0964387a8228590e5e
- SHA1
  
  6d4742d9e3a692f5e6a4c2e5bc68e1c1cae944d5
- SHA256
  
  5795da812968208e067795465789e438fe7df242795ea1883bb0ea95b22fcef6
- SHA512
  
  ab5fd4e3f1ec50a9d7fa3d214dabd09e8f71182403f794fb1bc50b63c44110378228cfe122610fa22b2b5fbc0bdbbcba86bbee303bf4854aeacdcc7b01a105b5
- SSDEEP
  
  12288:8B1oVeondJjLZPbrXIYtoG2uihO4MJKH1xWJUik0C8b93TA+ihnRLytv9Fo:2o5ddLlbEiihIq1AUiLJRk+irLytvA
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan