agenttesla | e0f1ef9fcfae45d393777618ac8c0a82b8c58d34053b019749fef31588de1f10 | Triage

Sharing

General

Target

e0f1ef9fcfae45d393777618ac8c0a82b8c58d34053b019749fef31588de1f10
Size

67KB
Sample

240425-c7yegseb7y
MD5

75d665089332432123f71fbc88882326
SHA1

20f065e60c8a45b0d3e6f76e4eba7a6b4ce79e53
SHA256

e0f1ef9fcfae45d393777618ac8c0a82b8c58d34053b019749fef31588de1f10
SHA512

ec79af230708d255facc14d871873674cd0d752cb5e1489fe3699e3212e7c20e1f8b1ee84749644a14ee632886dabb412ae6aed11677cb5e35a623d2d3b592b3
SSDEEP

1536:2XSMKpKeqLvjbAYLGX4YstY13c3E4J8N5yt3Yn1EjVGY38hX5HjLr5p4Q:DMyKeqLvoYXtYG04J8N5yt3Y1EjVGY3q

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: ftp
Host:
ftp://ftp.vila-gabriel.ro
Port:
21
Username:
[email protected]
Password:
bVkMH6R.pfF~NN@ossy$W!_pz[bh!9l(MU%UtX9L^W}vO=mn*g*;]}]

Targets

- Target
  
  e0f1ef9fcfae45d393777618ac8c0a82b8c58d34053b019749fef31588de1f10
- Size
  
  67KB
- MD5
  
  75d665089332432123f71fbc88882326
- SHA1
  
  20f065e60c8a45b0d3e6f76e4eba7a6b4ce79e53
- SHA256
  
  e0f1ef9fcfae45d393777618ac8c0a82b8c58d34053b019749fef31588de1f10
- SHA512
  
  ec79af230708d255facc14d871873674cd0d752cb5e1489fe3699e3212e7c20e1f8b1ee84749644a14ee632886dabb412ae6aed11677cb5e35a623d2d3b592b3
- SSDEEP
  
  1536:2XSMKpKeqLvjbAYLGX4YstY13c3E4J8N5yt3Yn1EjVGY38hX5HjLr5p4Q:DMyKeqLvoYXtYG04J8N5yt3Y1EjVGY3q
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2