agenttesla | 3533bb1d5280378525630f776686e689a8f9f278f319055c438577bcc3afa737 | Triage

Sharing

General

Target

240426-zdc8sabf89_pw_infected.zip
Size

7.2MB
Sample

240426-2l1p6adf42
MD5

0256d1c2caff5360a99f6e57d84d1714
SHA1

9cdd3f5dd39dd1ee4b4a74f4b60dd262ea4022d3
SHA256

3533bb1d5280378525630f776686e689a8f9f278f319055c438577bcc3afa737
SHA512

d29ab82fe04a9b4844a386a03ae488c00c9472e9c3ae1fdeafd818aa2aeb22149b3533defa0a431175d67ebfde232dedeb160c83bafb8dfdacad6135a3d9b586
SSDEEP

196608:gFdLHTB3dgILJoOJ/R1Fjv+OgfpmmhnM0h:I9tWIFZ5ZVCpFn9

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  RMICHA CHEAT V3.exe
- Size
  
  7.4MB
- MD5
  
  acd128135a045f2e1adb4f94b37173d9
- SHA1
  
  cf46c18dc4362fe553d70927c24b025de260595d
- SHA256
  
  2017daac650e5dd2c83d44e1883f1703631e1526a059b7ae099bd3d664721b52
- SHA512
  
  064f2cf6d195bfe59339f8bc4ea9705b4d4fc6d970bcf580bb5b7c9808df527c5600bdcd21ab538c58242e38d095d34358df77c71131d81f8d8e2f7602a005d9
- SSDEEP
  
  196608:aQ0JMOxfbEdu2dTxKajBHYrIgtkSI9We/CJEr:NOfbEdu2dMcB4kSOWCC
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan