agenttesla | d63479ab0f886e83ad5b3a87021cd0f9e68a55bc95c1ac0f6f2b9bd505bb7855 | Triage

Sharing

General

Target

chrme.exe
Size

3.8MB
Sample

240426-c6cfmahc8z
MD5

ee00a6f2b4c502a4132bb362c22ebfc9
SHA1

0dd02a779556215993bd7d8a91ff47f59c76c0ad
SHA256

d63479ab0f886e83ad5b3a87021cd0f9e68a55bc95c1ac0f6f2b9bd505bb7855
SHA512

c379e97965c6ef4dac4222950d7a005060a2d004494b87675b8952ab5454505caecea7e98f7282e7f9bb93ed2422e2687c307d6797f3cc9d1723e9a6ba302044
SSDEEP

98304:bmhr/7J8d9gYg5T39WNqpvh1w6GDk0Y7K5JEyUaJnraU11lwnkqXf0FF:b+nJUgj0I5h1lGg0gKHEyUeLXl0kSIF

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  chrme.exe
- Size
  
  3.8MB
- MD5
  
  ee00a6f2b4c502a4132bb362c22ebfc9
- SHA1
  
  0dd02a779556215993bd7d8a91ff47f59c76c0ad
- SHA256
  
  d63479ab0f886e83ad5b3a87021cd0f9e68a55bc95c1ac0f6f2b9bd505bb7855
- SHA512
  
  c379e97965c6ef4dac4222950d7a005060a2d004494b87675b8952ab5454505caecea7e98f7282e7f9bb93ed2422e2687c307d6797f3cc9d1723e9a6ba302044
- SSDEEP
  
  98304:bmhr/7J8d9gYg5T39WNqpvh1w6GDk0Y7K5JEyUaJnraU11lwnkqXf0FF:b+nJUgj0I5h1lGg0gKHEyUeLXl0kSIF
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan