agenttesla | 1982885396758c7243448c68a1133d0317259803d5c54e65d776b21696c21e29 | Triage

Sharing

General

Target

1982885396758c7243448c68a1133d0317259803d5c54e65d776b21696c21e29
Size

3.1MB
Sample

240430-bnr8paga72
MD5

981aaba03c0e884b61465c244eb38ee5
SHA1

2198c52804a5c2f7a497e4e2280f08c486cf4765
SHA256

1982885396758c7243448c68a1133d0317259803d5c54e65d776b21696c21e29
SHA512

b4e338b4bed5a67e78d8f6c3fe116203370899f7fb2859bffd79bc2d8b2a556a65f97cc9a770f6060ee4b8fa250f154ea583e636c751726a72577630bcb30dae
SSDEEP

98304:xzuXNnqC2cf9NFmXbhE8jC7Pvo0Gr0BCa6:xYJNottjCE0GIMa6

Score

10^/10

agenttesla keylogger spyware stealer trojan

Malware Config

Extracted

Family

agenttesla

Credentials

Protocol: smtp
Host:
mail.atarod.org.af
Port:
587
Username:
[email protected]
Password:
A1tarod@23
Email To:
[email protected]

Targets

- Target
  
  1982885396758c7243448c68a1133d0317259803d5c54e65d776b21696c21e29
- Size
  
  3.1MB
- MD5
  
  981aaba03c0e884b61465c244eb38ee5
- SHA1
  
  2198c52804a5c2f7a497e4e2280f08c486cf4765
- SHA256
  
  1982885396758c7243448c68a1133d0317259803d5c54e65d776b21696c21e29
- SHA512
  
  b4e338b4bed5a67e78d8f6c3fe116203370899f7fb2859bffd79bc2d8b2a556a65f97cc9a770f6060ee4b8fa250f154ea583e636c751726a72577630bcb30dae
- SSDEEP
  
  98304:xzuXNnqC2cf9NFmXbhE8jC7Pvo0Gr0BCa6:xYJNottjCE0GIMa6
Score

10^/10

agenttesla keylogger spyware stealer trojan
- AgentTesla
  Agent Tesla is a remote access tool (RAT) written in visual basic.
  keylogger trojan stealer spyware agenttesla
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agentteslakeyloggerspywarestealertrojan

behavioral2

agentteslakeyloggerspywarestealertrojan