agenttesla | d1750d592f447e92a5b224bc09460fb1f351ebc07aec1ba03f7ce2dc0612ced4 | Triage

Submit
Reports

Overview

overview

Static

static

1

PySilon.key

windows10-1703-x64

Sharing

General

Target

PySilon.key
Size

1024KB
Sample

240416-mx7khsge99
MD5

da9adb2ee03690d8c21fe5b18e750ddf
SHA1

e69540dfa5ea437b7fb18462db856dbe82b65f7f
SHA256

d1750d592f447e92a5b224bc09460fb1f351ebc07aec1ba03f7ce2dc0612ced4
SHA512

7a1e7ffa69c545c312bde9ffdcb6ec4af04a461002b6427b75d873f7a85f51d890bf236f920cba8e6e6de5b5b425c03bf8b245d1819730be475310b6d3a5b699
SSDEEP

24576:h0PRQRAFQpBeNM5HwLSPqMdLgfhPYYMJEla83x:0RQScHi+7dL8YZis8B

Score

10^/10

agenttesla agilenet discovery evasion keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

PySilon.key

Resource

win10-20240404-en

agenttesla agilenet discovery evasion keylogger spyware stealer trojan

windows10-1703-x64

24 signatures

150 seconds

Malware Config

Targets

- Target
  
  PySilon.key
- Size
  
  1024KB
- MD5
  
  da9adb2ee03690d8c21fe5b18e750ddf
- SHA1
  
  e69540dfa5ea437b7fb18462db856dbe82b65f7f
- SHA256
  
  d1750d592f447e92a5b224bc09460fb1f351ebc07aec1ba03f7ce2dc0612ced4
- SHA512
  
  7a1e7ffa69c545c312bde9ffdcb6ec4af04a461002b6427b75d873f7a85f51d890bf236f920cba8e6e6de5b5b425c03bf8b245d1819730be475310b6d3a5b699
- SSDEEP
  
  24576:h0PRQRAFQpBeNM5HwLSPqMdLgfhPYYMJEla83x:0RQScHi+7dL8YZis8B
Score

10^/10

agenttesla agilenet discovery evasion keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

agentteslaagilenetdiscoveryevasionkeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy