agenttesla | 77581c07a5591cde668afc493ab3d29f8f5e8b3d2c375006e84f5eee0e81b487 | Triage

Sharing

General

Target

77581c07a5591cde668afc493ab3d29f8f5e8b3d2c375006e84f5eee0e81b487
Size

771KB
Sample

240425-cvw1wsde86
MD5

02d1f4040df27b4aec448b6a5c4fc6c2
SHA1

7e460b5e02cd4fb5b6915967629b98cf3272980f
SHA256

77581c07a5591cde668afc493ab3d29f8f5e8b3d2c375006e84f5eee0e81b487
SHA512

8f4de8f4c4b4998e04b9da74b52feb7ab55b3e95557c91187cecf76a32ab00d54f27c9fefbebc9ffe04ef63dc32b1582e3ca2baa2e6bc2e14266713aa90ea8ad
SSDEEP

24576:3F1EXJ49ba86w68RgYekjf5ltQavEqJ312Z:1+XJKO/EgYekD5hvEqJl2

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.triadtradingllc.com
Port:
587
Username:
[email protected]
Password:
tr@dingg7866
Email To:
[email protected]

Targets

- Target
  
  77581c07a5591cde668afc493ab3d29f8f5e8b3d2c375006e84f5eee0e81b487
- Size
  
  771KB
- MD5
  
  02d1f4040df27b4aec448b6a5c4fc6c2
- SHA1
  
  7e460b5e02cd4fb5b6915967629b98cf3272980f
- SHA256
  
  77581c07a5591cde668afc493ab3d29f8f5e8b3d2c375006e84f5eee0e81b487
- SHA512
  
  8f4de8f4c4b4998e04b9da74b52feb7ab55b3e95557c91187cecf76a32ab00d54f27c9fefbebc9ffe04ef63dc32b1582e3ca2baa2e6bc2e14266713aa90ea8ad
- SSDEEP
  
  24576:3F1EXJ49ba86w68RgYekjf5ltQavEqJ312Z:1+XJKO/EgYekD5hvEqJl2
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan