agenttesla | a15946bcf70731d07f14370f0d7b6ec28c8a5a79800efb5efc3605fa178d29a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a15946bcf70731d07f14370f0d7b6ec28c8a5a79800efb5efc3605fa178d29a4
Size

986KB
Sample

240420-btb4nacg57
MD5

d7a56f7ff8f5b620a675f9052430902e
SHA1

28ad22bf04cc5d45f1856149b76a741c3195bfae
SHA256

a15946bcf70731d07f14370f0d7b6ec28c8a5a79800efb5efc3605fa178d29a4
SHA512

cc2e8665deecbe1a501c14ebbe3e97c7027b244b971af91e41c561bc312130c9755f36629e9bf2736d46f9db70e8ad34b1243daab89c5fdbc122f44e2cb4d5ef
SSDEEP

24576:gvqbG6A9exbbaFBhsYLkQmbhvIDYjoe1L:gH6MwCBhsYT0vIKZ

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.gazityres.com
Port:
587
Username:
[email protected]
Password:
Gazi1975
Email To:
[email protected]

Targets

- Target
  
  a15946bcf70731d07f14370f0d7b6ec28c8a5a79800efb5efc3605fa178d29a4
- Size
  
  986KB
- MD5
  
  d7a56f7ff8f5b620a675f9052430902e
- SHA1
  
  28ad22bf04cc5d45f1856149b76a741c3195bfae
- SHA256
  
  a15946bcf70731d07f14370f0d7b6ec28c8a5a79800efb5efc3605fa178d29a4
- SHA512
  
  cc2e8665deecbe1a501c14ebbe3e97c7027b244b971af91e41c561bc312130c9755f36629e9bf2736d46f9db70e8ad34b1243daab89c5fdbc122f44e2cb4d5ef
- SSDEEP
  
  24576:gvqbG6A9exbbaFBhsYLkQmbhvIDYjoe1L:gH6MwCBhsYT0vIKZ
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan