agenttesla | 8ae19e3251dba01332ffd91143493d26cc08979fcd180399ba8d0bf94f9b8645 | Triage

Submit
Reports

Overview

overview

Static

static

3

psr.exe

windows10-2004-x64

Sharing

General

Target

psr.exe
Size

6.1MB
Sample

240427-2943gsba51
MD5

5755187dac236dd093925920d0313f63
SHA1

f83cccc3f4e5ff339069ea66ae69910512b9476b
SHA256

8ae19e3251dba01332ffd91143493d26cc08979fcd180399ba8d0bf94f9b8645
SHA512

02f50e6ef79f555ec01f2eda8f5054a90116c5f4a6f0ef4130237cdd4c780a01927fd7dcf0b4d4eb94dfa20aef50c933e147f7ed2381a3adb85c73c5fdc5f2bd
SSDEEP

98304:Zn7823eX2B/t/Mxzb71QGQCPDbZfHayCb7BJ5mjwNwwMeZYj6btVUJF+bSr+DkcJ:Zn7d1JMVdQmRfaycBIGpEjal3kcI0

Score

10^/10

agenttesla keylogger pyinstaller spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

psr.exe

Resource

win10v2004-20240426-en

agenttesla keylogger spyware stealer trojan

windows10-2004-x64

9 signatures

600 seconds

Malware Config

Targets

- Target
  
  psr.exe
- Size
  
  6.1MB
- MD5
  
  5755187dac236dd093925920d0313f63
- SHA1
  
  f83cccc3f4e5ff339069ea66ae69910512b9476b
- SHA256
  
  8ae19e3251dba01332ffd91143493d26cc08979fcd180399ba8d0bf94f9b8645
- SHA512
  
  02f50e6ef79f555ec01f2eda8f5054a90116c5f4a6f0ef4130237cdd4c780a01927fd7dcf0b4d4eb94dfa20aef50c933e147f7ed2381a3adb85c73c5fdc5f2bd
- SSDEEP
  
  98304:Zn7823eX2B/t/Mxzb71QGQCPDbZfHayCb7BJ5mjwNwwMeZYj6btVUJF+bSr+DkcJ:Zn7d1JMVdQmRfaycBIGpEjal3kcI0
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- AgentTesla payload
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy