agenttesla | d94feb76c437a73800e1282a57067bc918460ca1dbeca63b924f95b56fe28a3b | Triage

Sharing

General

Target

Orbit-protected.exe
Size

3.1MB
Sample

240426-q53hbadf3t
MD5

4057b18fcbb184950c85cfd7aac2a7fd
SHA1

f7ff5f5ebb6fb5c13610df4800ef5ec9ec991875
SHA256

d94feb76c437a73800e1282a57067bc918460ca1dbeca63b924f95b56fe28a3b
SHA512

3ba8bb0df69e6970c8d806c9e01d400a1594e8b2549eaf6e823a4a4df9da1692e515da23f6fd3aab09e71d1a02fce2eaf73feac18ab7df4b52f1e8bbb560bc33
SSDEEP

49152:CF3D5lJIm7P/GoSgt52WoITYbNbNWo4kSH3OqtwIrw+W7SCv:e3D5lJhP/GoSgt5ToIT4bNJFY3Oqt49

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  Orbit-protected.exe
- Size
  
  3.1MB
- MD5
  
  4057b18fcbb184950c85cfd7aac2a7fd
- SHA1
  
  f7ff5f5ebb6fb5c13610df4800ef5ec9ec991875
- SHA256
  
  d94feb76c437a73800e1282a57067bc918460ca1dbeca63b924f95b56fe28a3b
- SHA512
  
  3ba8bb0df69e6970c8d806c9e01d400a1594e8b2549eaf6e823a4a4df9da1692e515da23f6fd3aab09e71d1a02fce2eaf73feac18ab7df4b52f1e8bbb560bc33
- SSDEEP
  
  49152:CF3D5lJIm7P/GoSgt52WoITYbNbNWo4kSH3OqtwIrw+W7SCv:e3D5lJhP/GoSgt5ToIT4bNJFY3Oqt49
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan