Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://cdn.discorda...

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://cdn.discordapp.com/attachments/1227447189110784041/1232356151153266739/Driverfn_x64.rar?ex=6629289a&is=6627d71a&hm=76541a23924903902aa14eaaa9b3d782f1fad86a7ed7b7321d8a4ab11b61f13d&

  • Sample

    240423-s7qbwahf43

Score
10/10
agentteslakeyloggerspywarestealertrojan

Malware Config

Targets

    • Target

      https://cdn.discordapp.com/attachments/1227447189110784041/1232356151153266739/Driverfn_x64.rar?ex=6629289a&is=6627d71a&hm=76541a23924903902aa14eaaa9b3d782f1fad86a7ed7b7321d8a4ab11b61f13d&

    Score
    10/10
    agentteslakeyloggerspywarestealertrojan

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in visual basic.

      keyloggertrojanstealerspywareagenttesla

    • AgentTesla payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks