agenttesla | 062918b6e2820ad1177fc2cfb30a91cce6110e763ec6c045e7913f2c5c92a6db | Triage

Sharing

General

Target

Note.zip
Size

2.5MB
Sample

240424-y246qsgh54
MD5

a3d4f1ffa84ca8f25fd2f2d21b60e375
SHA1

5d266b85f55eb375e7031f98f2ad21b46f0b68d3
SHA256

062918b6e2820ad1177fc2cfb30a91cce6110e763ec6c045e7913f2c5c92a6db
SHA512

0d89fe13edc02302ceac27ace83ddfab255cf8a536c72e2c4ac3830bca6369c62b8ff86394bf26d1489e24b050c5a06acb184dbf66da5d892ac0119fb1b3ba8a
SSDEEP

49152:DkPAL2ZYMYp0uh9Mw2X72W2iLFAl/NAhmGeonEyT6vHUqNTKbqZNZ6:RLrNhGw2qW2ipa4mcEy2vUqNTKeZNZ6

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  Note.zip
- Size
  
  2.5MB
- MD5
  
  a3d4f1ffa84ca8f25fd2f2d21b60e375
- SHA1
  
  5d266b85f55eb375e7031f98f2ad21b46f0b68d3
- SHA256
  
  062918b6e2820ad1177fc2cfb30a91cce6110e763ec6c045e7913f2c5c92a6db
- SHA512
  
  0d89fe13edc02302ceac27ace83ddfab255cf8a536c72e2c4ac3830bca6369c62b8ff86394bf26d1489e24b050c5a06acb184dbf66da5d892ac0119fb1b3ba8a
- SSDEEP
  
  49152:DkPAL2ZYMYp0uh9Mw2X72W2iLFAl/NAhmGeonEyT6vHUqNTKbqZNZ6:RLrNhGw2qW2ipa4mcEy2vUqNTKeZNZ6
Score

1^/10
behavioral1
- Target
  
  Note/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  c19e9e6a4bc1b668d19505a0437e7f7e
- SHA1
  
  73be712aef4baa6e9dabfc237b5c039f62a847fa
- SHA256
  
  9ac8b65e5c13292a8e564187c1e7446adc4230228b669383bd7b07035ab99a82
- SHA512
  
  b6cd0af436459f35a97db2d928120c53d3691533b01e4f0e8b382f2bd81d9a9a2c57e5e2aa6ade9d6a1746d5c4b2ef6c88d3a0cf519424b34445d0d30aab61de
- SSDEEP
  
  49152:6QNztBO2+VN7N3HtnPhx70ZO4+CPXOn5PThDH2TBeHjvjiBckYf+Yh/FJ3:6Ahck2z
Score

1^/10
behavioral2
- Target
  
  Note/NoteSpoofer.exe
- Size
  
  888KB
- MD5
  
  03212759dbac99b4548670d8f5a158f3
- SHA1
  
  27c87c780c480c9894606786eb61addb1a6418fb
- SHA256
  
  2e31fac191d17a1936de6e722c2fbf68a23fde4a6f4bbf88d9757a8784374d10
- SHA512
  
  c1770e57a6d36d80a0006c0f2a21a9a4bd08de78a20533350334e5803d0b7b0d935529f369186281c3263547105614010c5f4ac6f35c5aca320a9a5c2be92a39
- SSDEEP
  
  12288:xVOhaRdWSxwlzoH9I1DnTyMoTDhLPTeeq9CsgWZJE09QZgkUV3NfHO92htLXnj:GaiVU9INboTDUHC3WZ2MkY3Tj
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral3
- Target
  
  Note/SerialChecker.bat
- Size
  
  1KB
- MD5
  
  d6a391da8bf56820b880ced246f4dff0
- SHA1
  
  4530c7a22d7c55a7e87e4014553f3f6e7e14ee38
- SHA256
  
  ae12f8690d2d876411c8b96efafd4e692b40f9c19ba36758f16775655514acb3
- SHA512
  
  7d084cbd702f1181022fe85318fa586d47bd352e1eb6f3f319d1607e38684b0db657588c5003ce01762f1ad844c3615dd14a3e83ca4f80a0bca246e735dbebeb
Score

1^/10
behavioral4
- Target
  
  Note/Xerin.Runtime.dll
- Size
  
  1.2MB
- MD5
  
  2c82e38ac5094b3b0dd41fc50a7b0c04
- SHA1
  
  b3e811934d5be3a8a639599184b2e07386248b83
- SHA256
  
  51b6156da6d249d4a855626d7fb5c5cff95ef182a610c72b20aa0fc7b0158654
- SHA512
  
  d8230e7b42d0f580036d8da12e487b28201ea7ccad2ffe93224574effa9db69e16e432215ff9687b76b28383b259c04e71d3beb833f75b81e4b0a96039e7f787
- SSDEEP
  
  24576:YMgG5u7AZCpU4jScYfgF/FaBhL0Fb8lUTgCv8B+8U8R:YCiOCpDucYYVb8CvWb
Score

1^/10
behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

agentteslakeyloggerspywarestealertrojan

behavioral4

behavioral5